From bfb01898c2e9f902acf69bdf83c01fd0f5a1ba1a Mon Sep 17 00:00:00 2001 From: kolaente Date: Wed, 6 Sep 2023 10:33:52 +0200 Subject: [PATCH] fix(api tokens)!: make sure task create routes are available to use with the api BREAKING CHANGE: The api route to create a new task is now /projects/:project/tasks instead of /projects/:project --- pkg/models/api_routes.go | 10 +++++++++- pkg/models/tasks.go | 2 +- pkg/routes/routes.go | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/pkg/models/api_routes.go b/pkg/models/api_routes.go index c7655a06382..a9b3ed1ad96 100644 --- a/pkg/models/api_routes.go +++ b/pkg/models/api_routes.go @@ -55,6 +55,8 @@ func getRouteGroupName(path string) string { finalName := strings.Join(filteredParts, "_") switch finalName { + case "projects_tasks": + return "tasks" case "tasks_all": return "tasks" default: @@ -129,7 +131,13 @@ func GetAvailableAPIRoutesForToken(c echo.Context) error { // CanDoAPIRoute checks if a token is allowed to use the current api route func CanDoAPIRoute(c echo.Context, token *APIToken) (can bool) { - path := c.Request().URL.Path + path := c.Path() + if path == "" { + // c.Path() is empty during testing, but returns the path which the route used during registration + // which is what we need. + path = c.Request().URL.Path + } + routeGroupName := getRouteGroupName(path) group, hasGroup := token.Permissions[routeGroupName] diff --git a/pkg/models/tasks.go b/pkg/models/tasks.go index def726121ec..c542ed34ff7 100644 --- a/pkg/models/tasks.go +++ b/pkg/models/tasks.go @@ -717,7 +717,7 @@ func getNextTaskIndex(s *xorm.Session, projectID int64) (nextIndex int64, err er // @Failure 400 {object} web.HTTPError "Invalid task object provided." // @Failure 403 {object} web.HTTPError "The user does not have access to the project" // @Failure 500 {object} models.Message "Internal error" -// @Router /projects/{id} [put] +// @Router /projects/{id}/tasks [put] func (t *Task) Create(s *xorm.Session, a web.Auth) (err error) { return createTask(s, t, a, true) } diff --git a/pkg/routes/routes.go b/pkg/routes/routes.go index b618ab3b8fb..bb1e280ecdc 100644 --- a/pkg/routes/routes.go +++ b/pkg/routes/routes.go @@ -379,7 +379,7 @@ func registerAPIRoutes(a *echo.Group) { return &models.Task{} }, } - a.PUT("/projects/:project", taskHandler.CreateWeb) + a.PUT("/projects/:project/tasks", taskHandler.CreateWeb) a.GET("/tasks/:projecttask", taskHandler.ReadOneWeb) a.GET("/tasks/all", taskCollectionHandler.ReadAllWeb) a.DELETE("/tasks/:projecttask", taskHandler.DeleteWeb)