diff --git a/Featurecreep.md b/Featurecreep.md index 139a041651f..3a7d84d51f0 100644 --- a/Featurecreep.md +++ b/Featurecreep.md @@ -115,9 +115,9 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten. Ein zu lösendes Problem: Wie regelt man die Berechtigungen um Teams zu verwalten? * [ ] Namespaces - * [ ] Erstellen - * [ ] Ansehen - * [ ] Bearbeiten + * [x] Erstellen + * [x] Ansehen + * [x] Bearbeiten * [ ] Löschen * [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat. * [ ] Listen @@ -157,5 +157,6 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten. * [x] Swagger UI aufsetzen * [ ] Globale Limits für anlegbare Listen + Namespaces +* [ ] Mgl., dass die Instanz geschlossen ist, also sich keiner registrieren kann, und man sich einloggen muss * [ ] mgl. zum Emailmaskieren haben (in den Nutzereinstellungen, wenn man seine Email nicht an alle Welt rausposaunen will) -* [ ] Mgl. zum Accountlöschen haben (so richtig krass mit emailverifiezierung und dass alle Privaten Listen gelöscht werden und man alle geteilten entweder wem übertragen muss oder auf provat stellen) \ No newline at end of file +* [ ] Mgl. zum Accountlöschen haben (so richtig krass mit emailverifiezierung und dass alle Privaten Listen gelöscht werden und man alle geteilten entweder wem übertragen muss oder auf provat stellen) diff --git a/models/error.go b/models/error.go index 78200423947..fe26d46b0b8 100644 --- a/models/error.go +++ b/models/error.go @@ -241,3 +241,21 @@ func IsErrNeedToBeNamespaceOwner(err error) bool { func (err ErrNeedToBeNamespaceOwner) Error() string { return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID) } + +// ErrUserDoesNotHaveAccessToNamespace represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace) +type ErrUserDoesNotHaveAccessToNamespace struct { + NamespaceID int64 + UserID int64 +} + +// IsErrUserDoesNotHaveAccessToNamespace checks if an error is a ErrNamespaceDoesNotExist. +func IsErrUserDoesNotHaveAccessToNamespace(err error) bool { + _, ok := err.(ErrUserDoesNotHaveAccessToNamespace) + return ok +} + +func (err ErrUserDoesNotHaveAccessToNamespace) Error() string { + return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID) +} + + diff --git a/models/list_items_create_update.go b/models/list_items_create_update.go index b5e8cefc13f..e9f36eea8b3 100644 --- a/models/list_items_create_update.go +++ b/models/list_items_create_update.go @@ -10,12 +10,11 @@ func CreateOrUpdateListItem(item *ListItem) (newItem *ListItem, err error) { } // Check if the user exists - user, _, err := GetUserByID(item.CreatedBy.ID) + item.CreatedBy, _, err = GetUserByID(item.CreatedBy.ID) if err != nil { return } item.CreatedByID = item.CreatedBy.ID - item.CreatedBy = user // TODO: Check if the user has the right to add/update an item to that list diff --git a/models/lists.go b/models/lists.go index ca6b6330a4e..6c29b00026e 100644 --- a/models/lists.go +++ b/models/lists.go @@ -65,10 +65,6 @@ func GetListsByUser(user *User) (lists []*List, err error) { } func GetListsByNamespaceID(nID int64) (lists []*List, err error) { - exists, err := x.Where("namespace_id = ?", nID).Get(lists) - if !exists { - return lists, ErrNamespaceDoesNotExist{} - } - - return + err = x.Where("namespace_id = ?", nID).Find(&lists) + return lists, err } diff --git a/models/namespaces.go b/models/namespaces.go index 662f39b4f14..4ae6dbc8f0b 100644 --- a/models/namespaces.go +++ b/models/namespaces.go @@ -47,15 +47,15 @@ func (user *User) IsNamespaceAdmin(namespace *Namespace) (ok bool, err error) { return } -func (user *User) HasNamespaceAccess(namespace *Namespace) (has bool, err error) { +func (user *User) HasNamespaceAccess(namespace *Namespace) (err error) { // Owners always have access if user.ID == namespace.Owner.ID { - return true, nil + return nil } // Check if the user is in a team which has access to the namespace - return + return ErrUserDoesNotHaveAccessToNamespace{UserID:user.ID, NamespaceID:namespace.ID} } func GetNamespaceByID(id int64) (namespace Namespace, err error) { diff --git a/routes/api/v1/list_by_namespace.go b/routes/api/v1/list_by_namespace.go index 5a70cbec44b..5e3f8ec6c19 100644 --- a/routes/api/v1/list_by_namespace.go +++ b/routes/api/v1/list_by_namespace.go @@ -4,7 +4,7 @@ import ( "git.kolaente.de/konrad/list/models" "github.com/labstack/echo" "net/http" - "strconv" + "fmt" ) func GetListsByNamespaceID(c echo.Context) error { @@ -29,38 +29,26 @@ func GetListsByNamespaceID(c echo.Context) error { // "500": // "$ref": "#/responses/Message" - // Check if we have our ID - id := c.Param("id") - // Make int - namespaceID, err := strconv.ParseInt(id, 10, 64) - + // Get our namespace + namespace, err := getNamespace(c) if err != nil { - return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."}) - } - - // Check if the user has acces to that namespace - user, err := models.GetCurrentUser(c) - if err != nil { - return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) - } - has, err := user.HasNamespaceAccess(&models.Namespace{ID: namespaceID}) - if err != nil { - return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) - } - if !has { - return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."}) - } - - // Get the lists - lists, err := models.GetListsByNamespaceID(namespaceID) - if err != nil { - if models.IsErrNamespaceDoesNotExist(err) { return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."}) } - + if models.IsErrUserDoesNotHaveAccessToNamespace(err) { + return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."}) + } return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) } + // Get the lists + lists, err := models.GetListsByNamespaceID(namespace.ID) + if err != nil { + if models.IsErrNamespaceDoesNotExist(err) { + return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."}) + } + fmt.Println(err) + return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) + } return c.JSON(http.StatusOK, lists) } diff --git a/routes/api/v1/namespace_show.go b/routes/api/v1/namespace_show.go index 649e9f7a420..127606985f7 100644 --- a/routes/api/v1/namespace_show.go +++ b/routes/api/v1/namespace_show.go @@ -29,37 +29,47 @@ func ShowNamespace(c echo.Context) error { // "500": // "$ref": "#/responses/Message" + namespace, err := getNamespace(c) + if err != nil { + if models.IsErrNamespaceDoesNotExist(err) { + return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."}) + } + if models.IsErrUserDoesNotHaveAccessToNamespace(err) { + return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."}) + } + return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) + } + + return c.JSON(http.StatusOK, namespace) +} + +func getNamespace(c echo.Context) (namespace models.Namespace, err error) { // Check if we have our ID id := c.Param("id") // Make int namespaceID, err := strconv.ParseInt(id, 10, 64) - if err != nil { - return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."}) + return } // Get the namespace - namespace, err := models.GetNamespaceByID(namespaceID) + namespace, err = models.GetNamespaceByID(namespaceID) if err != nil { if models.IsErrNamespaceDoesNotExist(err) { - return c.JSON(http.StatusBadRequest, models.Message{"The namespace does not exist."}) + return } - return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) + return } // Check if the user has acces to that namespace user, err := models.GetCurrentUser(c) if err != nil { - return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) + return } - - has, err := user.HasNamespaceAccess(&namespace) + err = user.HasNamespaceAccess(&namespace) if err != nil { - return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) - } - if !has { - return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."}) + return } - return c.JSON(http.StatusOK, namespace) -} + return +} \ No newline at end of file