Fix creating new things with a link share auth

2020-05-12 15:51:48 +02:00 · 2020-05-12 15:51:48 +02:00 · 4137d4aed2
parent cb095d70df
commit 4137d4aed2
3 changed files with 19 additions and 13 deletions
--- a/pkg/models/tasks.go
+++ b/pkg/models/tasks.go
@ -553,9 +553,16 @@ func (t *Task) Create(a web.Auth) (err error) {
 		return
 	}

-	u, err := user.GetUserByID(a.GetID())
-	if err != nil {
-		return err
+	if _, is := a.(*LinkSharing); is {
+		// A negative user id indicates user share links
+		t.CreatedByID = a.GetID() * -1
+	} else {
+		u, err := user.GetUserByID(a.GetID())
+		if err != nil {
+			return err
+		}
+		t.CreatedByID = u.ID
+		t.CreatedBy = u
 	}

 	// Generate a uuid if we don't already have one
@ -586,8 +593,6 @@ func (t *Task) Create(a web.Auth) (err error) {
 	}

 	t.Index = latestTask.Index + 1
-	t.CreatedByID = u.ID
-	t.CreatedBy = u
 	// If no position was supplied, set a default one
 	if t.Position == 0 {
 		t.Position = float64(latestTask.ID+1) * math.Pow(2, 16)
--- a/pkg/routes/api/v1/task_attachment.go
+++ b/pkg/routes/api/v1/task_attachment.go
@ -18,7 +18,6 @@ package v1

 import (
 	"code.vikunja.io/api/pkg/models"
-	user2 "code.vikunja.io/api/pkg/user"
 	"code.vikunja.io/web/handler"
 	"github.com/labstack/echo/v4"
 	"net/http"
@ -46,11 +45,12 @@ func UploadTaskAttachment(c echo.Context) error {
 	}

 	// Rights check
-	user, err := user2.GetCurrentUser(c)
+	auth, err := GetAuthFromClaims(c)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
-	can, err := taskAttachment.CanCreate(user)
+
+	can, err := taskAttachment.CanCreate(auth)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
@ -83,7 +83,7 @@ func UploadTaskAttachment(c echo.Context) error {
 		}
 		defer f.Close()

-		err = ta.NewAttachment(f, file.Filename, uint64(file.Size), user)
+		err = ta.NewAttachment(f, file.Filename, uint64(file.Size), auth)
 		if err != nil {
 			r.Errors = append(r.Errors, handler.HandleHTTPError(err, c))
 			continue
@ -115,11 +115,11 @@ func GetTaskAttachment(c echo.Context) error {
 	}

 	// Rights check
-	user, err := user2.GetCurrentUser(c)
+	auth, err := GetAuthFromClaims(c)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
-	can, err := taskAttachment.CanRead(user)
+	can, err := taskAttachment.CanRead(auth)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
--- a/pkg/routes/api/v1/user_list.go
+++ b/pkg/routes/api/v1/user_list.go
@ -73,11 +73,12 @@ func ListUsersForList(c echo.Context) error {
 	}

 	list := models.List{ID: listID}
-	currentUser, err := user.GetCurrentUser(c)
+	auth, err := GetAuthFromClaims(c)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
-	canRead, err := list.CanRead(currentUser)
+
+	canRead, err := list.CanRead(auth)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}