Add session handling for link shares and related entities

2020-12-22 17:41:39 +01:00 · 2020-12-22 17:41:39 +01:00 · 5758506e7c
parent 9dabbab245
commit 5758506e7c
10 changed files with 34 additions and 34 deletions
--- a/pkg/models/link_sharing.go
+++ b/pkg/models/link_sharing.go
@ -100,7 +100,7 @@ func GetLinkShareFromClaims(claims jwt.MapClaims) (share *LinkSharing, err error
 // @Failure 404 {object} web.HTTPError "The list does not exist."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /lists/{list}/shares [put]
-func (share *LinkSharing) Create(a web.Auth) (err error) {
+func (share *LinkSharing) Create(s *xorm.Session, a web.Auth) (err error) {

 	err = share.Right.isValid()
 	if err != nil {
@ -109,7 +109,7 @@ func (share *LinkSharing) Create(a web.Auth) (err error) {

 	share.SharedByID = a.GetID()
 	share.Hash = utils.MakeRandomString(40)
-	_, err = x.Insert(share)
+	_, err = s.Insert(share)
 	share.SharedBy, _ = user.GetFromAuth(a)
 	return
 }
@ -128,8 +128,8 @@ func (share *LinkSharing) Create(a web.Auth) (err error) {
 // @Failure 404 {object} web.HTTPError "Share Link not found."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /lists/{list}/shares/{share} [get]
-func (share *LinkSharing) ReadOne() (err error) {
-	exists, err := x.Where("id = ?", share.ID).Get(share)
+func (share *LinkSharing) ReadOne(s *xorm.Session) (err error) {
+	exists, err := s.Where("id = ?", share.ID).Get(share)
 	if err != nil {
 		return err
 	}
@ -153,9 +153,9 @@ func (share *LinkSharing) ReadOne() (err error) {
 // @Success 200 {array} models.LinkSharing "The share links"
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /lists/{list}/shares [get]
-func (share *LinkSharing) ReadAll(a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, totalItems int64, err error) {
+func (share *LinkSharing) ReadAll(s *xorm.Session, a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, totalItems int64, err error) {
 	list := &List{ID: share.ListID}
-	can, _, err := list.CanRead(nil, a)
+	can, _, err := list.CanRead(s, a)
 	if err != nil {
 		return nil, 0, 0, err
 	}
@ -166,7 +166,7 @@ func (share *LinkSharing) ReadAll(a web.Auth, search string, page int, perPage i
 	limit, start := getLimitFromPageIndex(page, perPage)

 	var shares []*LinkSharing
-	query := x.
+	query := s.
 		Where("list_id = ? AND hash LIKE ?", share.ListID, "%"+search+"%")
 	if limit > 0 {
 		query = query.Limit(limit, start)
@ -183,7 +183,7 @@ func (share *LinkSharing) ReadAll(a web.Auth, search string, page int, perPage i
 	}

 	users := make(map[int64]*user.User)
-	err = x.In("id", userIDs).Find(&users)
+	err = s.In("id", userIDs).Find(&users)
 	if err != nil {
 		return nil, 0, 0, err
 	}
@ -193,7 +193,7 @@ func (share *LinkSharing) ReadAll(a web.Auth, search string, page int, perPage i
 	}

 	// Total count
-	totalItems, err = x.
+	totalItems, err = s.
 		Where("list_id = ? AND hash LIKE ?", share.ListID, "%"+search+"%").
 		Count(&LinkSharing{})
 	if err != nil {
@ -217,15 +217,15 @@ func (share *LinkSharing) ReadAll(a web.Auth, search string, page int, perPage i
 // @Failure 404 {object} web.HTTPError "Share Link not found."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /lists/{list}/shares/{share} [delete]
-func (share *LinkSharing) Delete() (err error) {
-	_, err = x.Where("id = ?", share.ID).Delete(share)
+func (share *LinkSharing) Delete(s *xorm.Session) (err error) {
+	_, err = s.Where("id = ?", share.ID).Delete(share)
 	return
 }

 // GetLinkShareByHash returns a link share by hash
-func GetLinkShareByHash(hash string) (share *LinkSharing, err error) {
+func GetLinkShareByHash(s *xorm.Session, hash string) (share *LinkSharing, err error) {
 	share = &LinkSharing{}
-	has, err := x.Where("hash = ?", hash).Get(share)
+	has, err := s.Where("hash = ?", hash).Get(share)
 	if err != nil {
 		return
 	}
@ -237,7 +237,7 @@ func GetLinkShareByHash(hash string) (share *LinkSharing, err error) {

 // GetListByShareHash returns a link share by its hash
 func GetListByShareHash(s *xorm.Session, hash string) (list *List, err error) {
-	share, err := GetLinkShareByHash(hash)
+	share, err := GetLinkShareByHash(s, hash)
 	if err != nil {
 		return
 	}
--- a/pkg/models/link_sharing_rights.go
+++ b/pkg/models/link_sharing_rights.go
@ -32,22 +32,22 @@ func (share *LinkSharing) CanRead(s *xorm.Session, a web.Auth) (bool, int, error
 	if err != nil {
 		return false, 0, err
 	}
-	return l.CanRead(nil, a)
+	return l.CanRead(s, a)
 }

 // CanDelete implements the delete right check for a link share
-func (share *LinkSharing) CanDelete(a web.Auth) (bool, error) {
-	return share.canDoLinkShare(a)
+func (share *LinkSharing) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
+	return share.canDoLinkShare(s, a)
 }

 // CanUpdate implements the update right check for a link share
-func (share *LinkSharing) CanUpdate(a web.Auth) (bool, error) {
-	return share.canDoLinkShare(a)
+func (share *LinkSharing) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
+	return share.canDoLinkShare(s, a)
 }

 // CanCreate implements the create right check for a link share
-func (share *LinkSharing) CanCreate(a web.Auth) (bool, error) {
-	return share.canDoLinkShare(a)
+func (share *LinkSharing) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
+	return share.canDoLinkShare(s, a)
 }

 func (share *LinkSharing) canDoLinkShare(s *xorm.Session, a web.Auth) (bool, error) {
@ -66,5 +66,5 @@ func (share *LinkSharing) canDoLinkShare(s *xorm.Session, a web.Auth) (bool, err
 		return l.IsAdmin(s, a)
 	}

-	return l.CanWrite(nil, a)
+	return l.CanWrite(s, a)
 }
--- a/pkg/models/list_duplicate.go
+++ b/pkg/models/list_duplicate.go
@ -41,7 +41,7 @@ type ListDuplicate struct {
 func (ld *ListDuplicate) CanCreate(a web.Auth) (canCreate bool, err error) {
 	// List Exists + user has read access to list
 	ld.List = &List{ID: ld.ListID}
-	canRead, _, err := ld.List.CanRead(nil, a)
+	canRead, _, err := ld.List.CanRead(s, a)
 	if err != nil || !canRead {
 		return canRead, err
 	}
--- a/pkg/models/list_team.go
+++ b/pkg/models/list_team.go
@ -169,7 +169,7 @@ func (tl *TeamList) Delete() (err error) {
 func (tl *TeamList) ReadAll(a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, totalItems int64, err error) {
 	// Check if the user can read the namespace
 	l := &List{ID: tl.ListID}
-	canRead, _, err := l.CanRead(nil, a)
+	canRead, _, err := l.CanRead(s, a)
 	if err != nil {
 		return nil, 0, 0, err
 	}
--- a/pkg/models/list_users.go
+++ b/pkg/models/list_users.go
@ -175,7 +175,7 @@ func (lu *ListUser) Delete() (err error) {
 func (lu *ListUser) ReadAll(a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, numberOfTotalItems int64, err error) {
 	// Check if the user has access to the list
 	l := &List{ID: lu.ListID}
-	canRead, _, err := l.CanRead(nil, a)
+	canRead, _, err := l.CanRead(s, a)
 	if err != nil {
 		return nil, 0, 0, err
 	}
--- a/pkg/models/task_assignees.go
+++ b/pkg/models/task_assignees.go
@ -207,7 +207,7 @@ func (t *Task) addNewAssigneeByID(newAssigneeID int64, list *List) (err error) {
 	if err != nil {
 		return err
 	}
-	canRead, _, err := list.CanRead(nil, newAssignee)
+	canRead, _, err := list.CanRead(s, newAssignee)
 	if err != nil {
 		return err
 	}
@ -247,7 +247,7 @@ func (la *TaskAssginee) ReadAll(a web.Auth, search string, page int, perPage int
 		return nil, 0, 0, err
 	}

-	can, _, err := task.CanRead(nil, a)
+	can, _, err := task.CanRead(s, a)
 	if err != nil {
 		return nil, 0, 0, err
 	}
--- a/pkg/models/task_collection.go
+++ b/pkg/models/task_collection.go
@ -176,7 +176,7 @@ func (tf *TaskCollection) ReadAll(a web.Auth, search string, page int, perPage i
 	} else {
 		// Check the list exists and the user has acess on it
 		list := &List{ID: tf.ListID}
-		canRead, _, err := list.CanRead(nil, a)
+		canRead, _, err := list.CanRead(s, a)
 		if err != nil {
 			return nil, 0, 0, err
 		}
--- a/pkg/models/tasks_rights.go
+++ b/pkg/models/tasks_rights.go
@ -34,7 +34,7 @@ func (t *Task) CanUpdate(a web.Auth) (bool, error) {
 func (t *Task) CanCreate(a web.Auth) (bool, error) {
 	// A user can do a task if he has write acces to its list
 	l := &List{ID: t.ListID}
-	return l.CanWrite(nil, a)
+	return l.CanWrite(s, a)
 }

 // CanRead determines if a user can read a task
@ -47,7 +47,7 @@ func (t *Task) CanRead(a web.Auth) (canRead bool, maxRight int, err error) {

 	// A user can read a task if it has access to the list
 	l := &List{ID: t.ListID}
-	return l.CanRead(nil, a)
+	return l.CanRead(s, a)
 }

 // CanWrite checks if a user has write access to a task
@ -66,7 +66,7 @@ func (t *Task) canDoTask(a web.Auth) (bool, error) {
 	// Check if we're moving the task into a different list to check if the user has sufficient rights for that on the new list
 	if t.ListID != 0 && t.ListID != ot.ListID {
 		newList := &List{ID: t.ListID}
-		can, err := newList.CanWrite(nil, a)
+		can, err := newList.CanWrite(s, a)
 		if err != nil {
 			return false, err
 		}
@ -77,5 +77,5 @@ func (t *Task) canDoTask(a web.Auth) (bool, error) {

 	// A user can do a task if it has write acces to its list
 	l := &List{ID: ot.ListID}
-	return l.CanWrite(nil, a)
+	return l.CanWrite(s, a)
 }
--- a/pkg/routes/api/v1/link_sharing_auth.go
+++ b/pkg/routes/api/v1/link_sharing_auth.go
@ -45,7 +45,7 @@ type LinkShareToken struct {
 // @Router /shares/{share}/auth [post]
 func AuthenticateLinkShare(c echo.Context) error {
 	hash := c.Param("share")
-	share, err := models.GetLinkShareByHash(hash)
+	share, err := models.GetLinkShareByHash(s, hash)
 	if err != nil {
 		return handler.HandleHTTPError(err, c)
 	}
--- a/pkg/routes/api/v1/login.go
+++ b/pkg/routes/api/v1/login.go
@ -88,7 +88,7 @@ func RenewToken(c echo.Context) (err error) {
 	if typ == auth.AuthTypeLinkShare {
 		share := &models.LinkSharing{}
 		share.ID = int64(claims["id"].(float64))
-		err := share.ReadOne()
+		err := share.ReadOne(s)
 		if err != nil {
 			return handler.HandleHTTPError(err, c)
 		}