vikunja
/
vikunja
6
43
Fork 71
Code Issues 150 Pull Requests 15 Packages Releases 32 Activity

Add auth parameter to crud functions

This commit is contained in:
kolaente 2021-01-31 21:15:33 +01:00
parent 1313f4d2a8
commit 5897515ab6
Signed by: konrad
GPG Key ID: F40E70337AB24C9B
29 changed files with 93 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
go.mod
View File

@ -18,7 +18,7 @@ module code.vikunja.io/api
require (
4d63.com/tz v1.2.0
code.vikunja.io/web v0.0.0-20201223143420-588abb73703a
code.vikunja.io/web v0.0.0-20210131201003-26386be9a9ae
dmitri.shuralyov.com/go/generated v0.0.0-20170818220700-b1254a446363 // indirect
gitea.com/xorm/xorm-redis-cache v0.2.0
github.com/ThreeDotsLabs/watermill v1.1.1
@ -80,11 +80,12 @@ require (
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
golang.org/x/image v0.0.0-20201208152932-35266b937fa6
golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5
golang.org/x/net v0.0.0-20201216054612-986b41b23924 // indirect
golang.org/x/net v0.0.0-20210119194325-5f4716e94777 // indirect
golang.org/x/oauth2 v0.0.0-20210126194326-f9ce19ea3013
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
golang.org/x/sys v0.0.0-20201223074533-0d417f636930 // indirect
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c // indirect
golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf
golang.org/x/text v0.3.5 // indirect
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
gopkg.in/d4l3k/messagediff.v1 v1.2.1
@ -95,9 +96,9 @@ require (
honnef.co/go/tools v0.0.1-2020.1.5
src.techknowlogick.com/xgo v1.2.1-0.20201205054505-b97762e7a76b
src.techknowlogick.com/xormigrate v1.4.0
xorm.io/builder v0.3.7
xorm.io/builder v0.3.8
xorm.io/core v0.7.3
xorm.io/xorm v1.0.5
xorm.io/xorm v1.0.7
)
replace (

12
go.sum
View File

@ -44,6 +44,8 @@ code.vikunja.io/web v0.0.0-20201222144643-6fa2fb587215 h1:O5zMWgcnVDVLaQUawgdsv/
code.vikunja.io/web v0.0.0-20201222144643-6fa2fb587215/go.mod h1:OgFO06HN1KpA4S7Dw/QAIeygiUPSeGJJn1ykz/sjZdU=
code.vikunja.io/web v0.0.0-20201223143420-588abb73703a h1:LaWCucY5Pp30EIMgGOvdVFNss5OhIAwrAO8PuFVRUfw=
code.vikunja.io/web v0.0.0-20201223143420-588abb73703a/go.mod h1:OgFO06HN1KpA4S7Dw/QAIeygiUPSeGJJn1ykz/sjZdU=
code.vikunja.io/web v0.0.0-20210131201003-26386be9a9ae h1:qqgwoWjKrpIOdrIR0FPawiHLZTRYwS9MBgwH1eZJJqA=
code.vikunja.io/web v0.0.0-20210131201003-26386be9a9ae/go.mod h1:OgFO06HN1KpA4S7Dw/QAIeygiUPSeGJJn1ykz/sjZdU=
dmitri.shuralyov.com/go/generated v0.0.0-20170818220700-b1254a446363 h1:o4lAkfETerCnr1kF9/qwkwjICnU+YLHNDCM8h2xj7as=
dmitri.shuralyov.com/go/generated v0.0.0-20170818220700-b1254a446363/go.mod h1:WG7q7swWsS2f9PYpt5DoEP/EBYWx8We5UoRltn9vJl8=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
@ -997,6 +999,8 @@ golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb h1:eBmm0M9fYhWpKZLjQUUKka/Lt
golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201216054612-986b41b23924 h1:QsnDpLLOKwHBBDa8nDws4DYNc/ryVW2vCpxCs09d4PY=
golang.org/x/net v0.0.0-20201216054612-986b41b23924/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=
@ -1095,6 +1099,8 @@ golang.org/x/sys v0.0.0-20201221093633-bc327ba9c2f0 h1:n+DPcgTwkgWzIFpLmoimYR2K2
golang.org/x/sys v0.0.0-20201221093633-bc327ba9c2f0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201223074533-0d417f636930 h1:vRgIt+nup/B/BwIS0g2oC0haq0iqbV3ZA+u6+0TlNCo=
golang.org/x/sys v0.0.0-20201223074533-0d417f636930/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c h1:VwygUrnw9jn88c4u8GD3rZQbqrP/tgas88tPUbBxQrk=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221 h1:/ZHdbVpdR/jk3g30/d4yUL0JU9kksj8+F/bnQUVLGDM=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@ -1110,6 +1116,8 @@ golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@ -1347,6 +1355,8 @@ src.techknowlogick.com/xormigrate v1.4.0 h1:gAfLoDwcVfMiFhSXg5Qwm7LNnG1iUbBVDUNf
src.techknowlogick.com/xormigrate v1.4.0/go.mod h1:xCtbAK00lJ0v4zP2O6VBVMG3RHm7W5Yo1Dz0r9kL/ho=
xorm.io/builder v0.3.7 h1:2pETdKRK+2QG4mLX4oODHEhn5Z8j1m8sXa7jfu+/SZI=
xorm.io/builder v0.3.7/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
xorm.io/builder v0.3.8 h1:P/wPgRqa9kX5uE0aA1/ukJ23u9KH0aSRpHLwDKXigSE=
xorm.io/builder v0.3.8/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
xorm.io/core v0.7.3 h1:W8ws1PlrnkS1CZU1YWaYLMQcQilwAmQXU0BJDJon+H0=
xorm.io/core v0.7.3/go.mod h1:jJfd0UAEzZ4t87nbQYtVjmqpIODugN6PD2D9E+dJvdM=
xorm.io/xorm v1.0.1 h1:/lITxpJtkZauNpdzj+L9CN/3OQxZaABrbergMcJu+Cw=
@ -1355,3 +1365,5 @@ xorm.io/xorm v1.0.2 h1:kZlCh9rqd1AzGwWitcrEEqHE1h1eaZE/ujU5/2tWEtg=
xorm.io/xorm v1.0.2/go.mod h1:o4vnEsQ5V2F1/WK6w4XTwmiWJeGj82tqjAnHe44wVHY=
xorm.io/xorm v1.0.5 h1:LRr5PfOUb4ODPR63YwbowkNDwcolT2LnkwP/TUaMaB0=
xorm.io/xorm v1.0.5/go.mod h1:uF9EtbhODq5kNWxMbnBEj8hRRZnlcNSz2t2N7HW/+A4=
xorm.io/xorm v1.0.7 h1:26yBTDVI+CfQpVz2Y88fISh+aiJXIPP4eNoTJlwzsC4=
xorm.io/xorm v1.0.7/go.mod h1:uF9EtbhODq5kNWxMbnBEj8hRRZnlcNSz2t2N7HW/+A4=

2
pkg/events/events.go
View File

@ -65,7 +65,7 @@ func InitEvents() (err error) {
for topic, funcs := range listeners {
for _, handler := range funcs {
router.AddNoPublisherHandler(topic+watermill.NewShortUUID(), topic, pubsub, func(msg *message.Message) error {
router.AddNoPublisherHandler(topic+"."+watermill.NewShortUUID(), topic, pubsub, func(msg *message.Message) error {
return handler.Handle(msg.Payload)
})
}

2
pkg/models/bulk_task.go
View File

@ -78,7 +78,7 @@ func (bt *BulkTask) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the task (aka its list)"
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/bulk [post]
func (bt *BulkTask) Update(s *xorm.Session) (err error) {
func (bt *BulkTask) Update(s *xorm.Session, a web.Auth) (err error) {
for _, oldtask := range bt.Tasks {
// When a repeating task is marked as done, we update all deadlines and reminders and set it as undone

13
pkg/models/events.go
View File

@ -30,3 +30,16 @@ func (t *TaskCreatedEvent) TopicName() string {
func (t *TaskCreatedEvent) Message() interface{} {
return t
}
type TaskUpdatedEvent struct {
Task *Task
Doer *user.User
}
func (t *TaskUpdatedEvent) TopicName() string {
return "task.updated"
}
func (t *TaskUpdatedEvent) Message() interface{} {
return t
}

4
pkg/models/kanban.go
View File

@ -190,7 +190,7 @@ func (b *Bucket) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "The bucket does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/buckets/{bucketID} [post]
func (b *Bucket) Update(s *xorm.Session) (err error) {
func (b *Bucket) Update(s *xorm.Session, a web.Auth) (err error) {
_, err = s.
Where("id = ?", b.ID).
Cols("title", "limit").
@ -211,7 +211,7 @@ func (b *Bucket) Update(s *xorm.Session) (err error) {
// @Failure 404 {object} web.HTTPError "The bucket does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/buckets/{bucketID} [delete]
func (b *Bucket) Delete(s *xorm.Session) (err error) {
func (b *Bucket) Delete(s *xorm.Session, a web.Auth) (err error) {
// Prevent removing the last bucket
total, err := s.Where("list_id = ?", b.ListID).Count(&Bucket{})

8
pkg/models/label.go
View File

@ -93,7 +93,7 @@ func (l *Label) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "Label not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /labels/{id} [put]
func (l *Label) Update(s *xorm.Session) (err error) {
func (l *Label) Update(s *xorm.Session, a web.Auth) (err error) {
_, err = s.
ID(l.ID).
Cols(
@ -106,7 +106,7 @@ func (l *Label) Update(s *xorm.Session) (err error) {
return
}
err = l.ReadOne(s)
err = l.ReadOne(s, a)
return
}
@ -123,7 +123,7 @@ func (l *Label) Update(s *xorm.Session) (err error) {
// @Failure 404 {object} web.HTTPError "Label not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /labels/{id} [delete]
func (l *Label) Delete(s *xorm.Session) (err error) {
func (l *Label) Delete(s *xorm.Session, a web.Auth) (err error) {
_, err = s.ID(l.ID).Delete(&Label{})
return err
}
@ -178,7 +178,7 @@ func (l *Label) ReadAll(s *xorm.Session, a web.Auth, search string, page int, pe
// @Failure 404 {object} web.HTTPError "Label not found"
// @Failure 500 {object} models.Message "Internal error"
// @Router /labels/{id} [get]
func (l *Label) ReadOne(s *xorm.Session) (err error) {
func (l *Label) ReadOne(s *xorm.Session, a web.Auth) (err error) {
label, err := getLabelByIDSimple(s, l.ID)
if err != nil {
return err

2
pkg/models/label_task.go
View File

@ -61,7 +61,7 @@ func (LabelTask) TableName() string {
// @Failure 404 {object} web.HTTPError "Label not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{task}/labels/{label} [delete]
func (lt *LabelTask) Delete(s *xorm.Session) (err error) {
func (lt *LabelTask) Delete(s *xorm.Session, a web.Auth) (err error) {
_, err = s.Delete(&LabelTask{LabelID: lt.LabelID, TaskID: lt.TaskID})
return err
}

4
pkg/models/link_sharing.go
View File

@ -127,7 +127,7 @@ func (share *LinkSharing) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "Share Link not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{list}/shares/{share} [get]
func (share *LinkSharing) ReadOne(s *xorm.Session) (err error) {
func (share *LinkSharing) ReadOne(s *xorm.Session, a web.Auth) (err error) {
exists, err := s.Where("id = ?", share.ID).Get(share)
if err != nil {
return err
@ -216,7 +216,7 @@ func (share *LinkSharing) ReadAll(s *xorm.Session, a web.Auth, search string, pa
// @Failure 404 {object} web.HTTPError "Share Link not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{list}/shares/{share} [delete]
func (share *LinkSharing) Delete(s *xorm.Session) (err error) {
func (share *LinkSharing) Delete(s *xorm.Session, a web.Auth) (err error) {
_, err = s.Where("id = ?", share.ID).Delete(share)
return
}

14
pkg/models/list.go
View File

@ -186,7 +186,7 @@ func (l *List) ReadAll(s *xorm.Session, a web.Auth, search string, page int, per
// @Failure 403 {object} web.HTTPError "The user does not have access to the list"
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{id} [get]
func (l *List) ReadOne(s *xorm.Session) (err error) {
func (l *List) ReadOne(s *xorm.Session, a web.Auth) (err error) {
if l.ID == FavoritesPseudoList.ID {
// Already "built" the list in CanRead
@ -466,7 +466,7 @@ func (l *List) CheckIsArchived(s *xorm.Session) (err error) {
}
// CreateOrUpdateList updates a list or creates it if it doesn't exist
func CreateOrUpdateList(s *xorm.Session, list *List) (err error) {
func CreateOrUpdateList(s *xorm.Session, list *List, auth web.Auth) (err error) {
// Check if the namespace exists
if list.NamespaceID != 0 && list.NamespaceID != FavoritesPseudoNamespace.ID {
@ -522,7 +522,7 @@ func CreateOrUpdateList(s *xorm.Session, list *List) (err error) {
}
*list = *l
err = list.ReadOne(s)
err = list.ReadOne(s, auth)
return
}
@ -541,8 +541,8 @@ func CreateOrUpdateList(s *xorm.Session, list *List) (err error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the list"
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{id} [post]
func (l *List) Update(s *xorm.Session) (err error) {
return CreateOrUpdateList(s, l)
func (l *List) Update(s *xorm.Session, a web.Auth) (err error) {
return CreateOrUpdateList(s, l, a)
}
func updateListLastUpdated(s *xorm.Session, list *List) error {
@ -589,7 +589,7 @@ func (l *List) Create(s *xorm.Session, a web.Auth) (err error) {
l.Owner = doer
l.ID = 0 // Otherwise only the first time a new list would be created
err = CreateOrUpdateList(s, l)
err = CreateOrUpdateList(s, l, a)
if err != nil {
return
}
@ -614,7 +614,7 @@ func (l *List) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the list"
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{id} [delete]
func (l *List) Delete(s *xorm.Session) (err error) {
func (l *List) Delete(s *xorm.Session, a web.Auth) (err error) {
// Delete the list
_, err = s.ID(l.ID).Delete(&List{})

2
pkg/models/list_duplicate.go
View File

@ -75,7 +75,7 @@ func (ld *ListDuplicate) Create(s *xorm.Session, a web.Auth) (err error) {
ld.List.Identifier = "" // Reset the identifier to trigger regenerating a new one
// Set the owner to the current user
ld.List.OwnerID = a.GetID()
if err := CreateOrUpdateList(s, ld.List); err != nil {
if err := CreateOrUpdateList(s, ld.List, a); err != nil {
// If there is no available unique list identifier, just reset it.
if IsErrListIdentifierIsNotUnique(err) {
ld.List.Identifier = ""

4
pkg/models/list_team.go
View File

@ -122,7 +122,7 @@ func (tl *TeamList) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "Team or list does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/teams/{teamID} [delete]
func (tl *TeamList) Delete(s *xorm.Session) (err error) {
func (tl *TeamList) Delete(s *xorm.Session, a web.Auth) (err error) {
// Check if the team exists
_, err = GetTeamByID(s, tl.TeamID)
@ -234,7 +234,7 @@ func (tl *TeamList) ReadAll(s *xorm.Session, a web.Auth, search string, page int
// @Failure 404 {object} web.HTTPError "Team or list does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/teams/{teamID} [post]
func (tl *TeamList) Update(s *xorm.Session) (err error) {
func (tl *TeamList) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if the right is valid
if err := tl.Right.isValid(); err != nil {

4
pkg/models/list_users.go
View File

@ -129,7 +129,7 @@ func (lu *ListUser) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "user or list does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/users/{userID} [delete]
func (lu *ListUser) Delete(s *xorm.Session) (err error) {
func (lu *ListUser) Delete(s *xorm.Session, a web.Auth) (err error) {
// Check if the user exists
u, err := user.GetUserByUsername(s, lu.Username)
@ -231,7 +231,7 @@ func (lu *ListUser) ReadAll(s *xorm.Session, a web.Auth, search string, page int
// @Failure 404 {object} web.HTTPError "User or list does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /lists/{listID}/users/{userID} [post]
func (lu *ListUser) Update(s *xorm.Session) (err error) {
func (lu *ListUser) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if the right is valid
if err := lu.Right.isValid(); err != nil {

2
pkg/models/listeners.go
View File

@ -20,7 +20,6 @@ import (
"encoding/json"
"code.vikunja.io/api/pkg/events"
"code.vikunja.io/api/pkg/log"
"github.com/ThreeDotsLabs/watermill/message"
)
@ -38,6 +37,5 @@ func (s *SendTaskCreatedNotification) Handle(payload message.Payload) (err error
return err
}
log.Debugf("task.created: %v", event)
return nil
}

6
pkg/models/namespace.go
View File

@ -159,7 +159,7 @@ func (n *Namespace) CheckIsArchived(s *xorm.Session) error {
// @Failure 403 {object} web.HTTPError "The user does not have access to that namespace."
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{id} [get]
func (n *Namespace) ReadOne(s *xorm.Session) (err error) {
func (n *Namespace) ReadOne(s *xorm.Session, a web.Auth) (err error) {
nn, err := GetNamespaceByID(s, n.ID)
if err != nil {
return err
@ -504,7 +504,7 @@ func CreateNewNamespaceForUser(s *xorm.Session, user *user.User) (err error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the namespace"
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{id} [delete]
func (n *Namespace) Delete(s *xorm.Session) (err error) {
func (n *Namespace) Delete(s *xorm.Session, a web.Auth) (err error) {
// Check if the namespace exists
_, err = GetNamespaceByID(s, n.ID)
@ -562,7 +562,7 @@ func (n *Namespace) Delete(s *xorm.Session) (err error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the namespace"
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespace/{id} [post]
func (n *Namespace) Update(s *xorm.Session) (err error) {
func (n *Namespace) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if we have at least a name
if n.Title == "" {
return ErrNamespaceNameCannotBeEmpty{NamespaceID: n.ID}

4
pkg/models/namespace_team.go
View File

@ -112,7 +112,7 @@ func (tn *TeamNamespace) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "team or namespace does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{namespaceID}/teams/{teamID} [delete]
func (tn *TeamNamespace) Delete(s *xorm.Session) (err error) {
func (tn *TeamNamespace) Delete(s *xorm.Session, a web.Auth) (err error) {
// Check if the team exists
_, err = GetTeamByID(s, tn.TeamID)
@ -219,7 +219,7 @@ func (tn *TeamNamespace) ReadAll(s *xorm.Session, a web.Auth, search string, pag
// @Failure 404 {object} web.HTTPError "Team or namespace does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{namespaceID}/teams/{teamID} [post]
func (tn *TeamNamespace) Update(s *xorm.Session) (err error) {
func (tn *TeamNamespace) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if the right is valid
if err := tn.Right.isValid(); err != nil {

4
pkg/models/namespace_users.go
View File

@ -122,7 +122,7 @@ func (nu *NamespaceUser) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "user or namespace does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{namespaceID}/users/{userID} [delete]
func (nu *NamespaceUser) Delete(s *xorm.Session) (err error) {
func (nu *NamespaceUser) Delete(s *xorm.Session, a web.Auth) (err error) {
// Check if the user exists
user, err := user2.GetUserByUsername(s, nu.Username)
@ -220,7 +220,7 @@ func (nu *NamespaceUser) ReadAll(s *xorm.Session, a web.Auth, search string, pag
// @Failure 404 {object} web.HTTPError "User or namespace does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /namespaces/{namespaceID}/users/{userID} [post]
func (nu *NamespaceUser) Update(s *xorm.Session) (err error) {
func (nu *NamespaceUser) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if the right is valid
if err := nu.Right.isValid(); err != nil {

6
pkg/models/saved_filters.go
View File

@ -133,7 +133,7 @@ func getSavedFilterSimpleByID(s *xorm.Session, id int64) (sf *SavedFilter, err e
// @Failure 403 {object} web.HTTPError "The user does not have access to that saved filter."
// @Failure 500 {object} models.Message "Internal error"
// @Router /filters/{id} [get]
func (sf *SavedFilter) ReadOne(s *xorm.Session) error {
func (sf *SavedFilter) ReadOne(s *xorm.Session, a web.Auth) error {
// s already contains almost the full saved filter from the rights check, we only need to add the user
u, err := user.GetUserByID(s, sf.OwnerID)
sf.Owner = u
@ -153,7 +153,7 @@ func (sf *SavedFilter) ReadOne(s *xorm.Session) error {
// @Failure 404 {object} web.HTTPError "The saved filter does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /filters/{id} [post]
func (sf *SavedFilter) Update(s *xorm.Session) error {
func (sf *SavedFilter) Update(s *xorm.Session, a web.Auth) error {
_, err := s.
Where("id = ?", sf.ID).
Cols(
@ -178,7 +178,7 @@ func (sf *SavedFilter) Update(s *xorm.Session) error {
// @Failure 404 {object} web.HTTPError "The saved filter does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /filters/{id} [delete]
func (sf *SavedFilter) Delete(s *xorm.Session) error {
func (sf *SavedFilter) Delete(s *xorm.Session, a web.Auth) error {
_, err := s.
Where("id = ?", sf.ID).
Delete(sf)

2
pkg/models/task_assignees.go
View File

@ -166,7 +166,7 @@ func (t *Task) setTaskAssignees(assignees []*user.User) {
// @Failure 403 {object} web.HTTPError "Not allowed to delete the assignee."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{taskID}/assignees/{userID} [delete]
func (la *TaskAssginee) Delete(s *xorm.Session) (err error) {
func (la *TaskAssginee) Delete(s *xorm.Session, a web.Auth) (err error) {
_, err = s.Delete(&TaskAssginee{TaskID: la.TaskID, UserID: la.UserID})
if err != nil {
return err

6
pkg/models/task_attachment.go
View File

@ -80,7 +80,7 @@ func (ta *TaskAttachment) NewAttachment(s *xorm.Session, f io.ReadCloser, realna
}
// ReadOne returns a task attachment
func (ta *TaskAttachment) ReadOne(s *xorm.Session) (err error) {
func (ta *TaskAttachment) ReadOne(s *xorm.Session, a web.Auth) (err error) {
exists, err := s.Where("id = ?", ta.ID).Get(ta)
if err != nil {
return
@ -176,9 +176,9 @@ func (ta *TaskAttachment) ReadAll(s *xorm.Session, a web.Auth, search string, pa
// @Failure 404 {object} models.Message "The task does not exist."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{id}/attachments/{attachmentID} [delete]
func (ta *TaskAttachment) Delete(s *xorm.Session) error {
func (ta *TaskAttachment) Delete(s *xorm.Session, a web.Auth) error {
// Load the attachment
err := ta.ReadOne(s)
err := ta.ReadOne(s, a)
if err != nil && !files.IsErrFileDoesNotExist(err) {
return err
}

6
pkg/models/task_comments.go
View File

@ -88,7 +88,7 @@ func (tc *TaskComment) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 404 {object} web.HTTPError "The task comment was not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{taskID}/comments/{commentID} [delete]
func (tc *TaskComment) Delete(s *xorm.Session) error {
func (tc *TaskComment) Delete(s *xorm.Session, a web.Auth) error {
deleted, err := s.
ID(tc.ID).
NoAutoCondition().
@ -113,7 +113,7 @@ func (tc *TaskComment) Delete(s *xorm.Session) error {
// @Failure 404 {object} web.HTTPError "The task comment was not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{taskID}/comments/{commentID} [post]
func (tc *TaskComment) Update(s *xorm.Session) error {
func (tc *TaskComment) Update(s *xorm.Session, a web.Auth) error {
updated, err := s.
ID(tc.ID).
Cols("comment").
@ -138,7 +138,7 @@ func (tc *TaskComment) Update(s *xorm.Session) error {
// @Failure 404 {object} web.HTTPError "The task comment was not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{taskID}/comments/{commentID} [get]
func (tc *TaskComment) ReadOne(s *xorm.Session) (err error) {
func (tc *TaskComment) ReadOne(s *xorm.Session, a web.Auth) (err error) {
exists, err := s.Get(tc)
if err != nil {
return

2
pkg/models/task_relation.go
View File

@ -201,7 +201,7 @@ func (rel *TaskRelation) Create(s *xorm.Session, a web.Auth) error {
// @Failure 404 {object} web.HTTPError "The task relation was not found."
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{taskID}/relations [delete]
func (rel *TaskRelation) Delete(s *xorm.Session) error {
func (rel *TaskRelation) Delete(s *xorm.Session, a web.Auth) error {
// Check if the relation exists
exists, err := s.
Cols("task_id", "other_task_id", "relation_kind").

13
pkg/models/tasks.go
View File

@ -856,7 +856,7 @@ func createTask(s *xorm.Session, t *Task, a web.Auth, updateAssignees bool) (err
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{id} [post]
//nolint:gocyclo
func (t *Task) Update(s *xorm.Session) (err error) {
func (t *Task) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if the task exists and get the old values
ot, err := GetTaskByIDSimple(s, t.ID)
@ -1037,6 +1037,13 @@ func (t *Task) Update(s *xorm.Session) (err error) {
}
t.Updated = nt.Updated
err = events.Publish(&TaskUpdatedEvent{
Task: t,
})
if err != nil {
return err
}
return updateListLastUpdated(s, &List{ID: t.ListID})
}
@ -1175,7 +1182,7 @@ func (t *Task) updateReminders(s *xorm.Session, reminders []time.Time) (err erro
// @Failure 403 {object} web.HTTPError "The user does not have access to the list"
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{id} [delete]
func (t *Task) Delete(s *xorm.Session) (err error) {
func (t *Task) Delete(s *xorm.Session, a web.Auth) (err error) {
if _, err = s.ID(t.ID).Delete(Task{}); err != nil {
return err
@ -1204,7 +1211,7 @@ func (t *Task) Delete(s *xorm.Session) (err error) {
// @Failure 404 {object} models.Message "Task not found"
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/{ID} [get]
func (t *Task) ReadOne(s *xorm.Session) (err error) {
func (t *Task) ReadOne(s *xorm.Session, a web.Auth) (err error) {
taskMap := make(map[int64]*Task, 1)
taskMap[t.ID] = &Task{}

4
pkg/models/team_members.go
View File

@ -78,7 +78,7 @@ func (tm *TeamMember) Create(s *xorm.Session, a web.Auth) (err error) {
// @Success 200 {object} models.Message "The user was successfully removed from the team."
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id}/members/{userID} [delete]
func (tm *TeamMember) Delete(s *xorm.Session) (err error) {
func (tm *TeamMember) Delete(s *xorm.Session, a web.Auth) (err error) {
total, err := s.Where("team_id = ?", tm.TeamID).Count(&TeamMember{})
if err != nil {
@ -110,7 +110,7 @@ func (tm *TeamMember) Delete(s *xorm.Session) (err error) {
// @Success 200 {object} models.Message "The member right was successfully changed."
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id}/members/{userID}/admin [post]
func (tm *TeamMember) Update(s *xorm.Session) (err error) {
func (tm *TeamMember) Update(s *xorm.Session, a web.Auth) (err error) {
// Find the numeric user id
user, err := user2.GetUserByUsername(s, tm.Username)
if err != nil {

6
pkg/models/teams.go
View File

@ -177,7 +177,7 @@ func addMoreInfoToTeams(s *xorm.Session, teams []*Team) (err error) {
// @Failure 403 {object} web.HTTPError "The user does not have access to the team"
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id} [get]
func (t *Team) ReadOne(s *xorm.Session) (err error) {
func (t *Team) ReadOne(s *xorm.Session, a web.Auth) (err error) {
team, err := GetTeamByID(s, t.ID)
if team != nil {
*t = *team
@ -285,7 +285,7 @@ func (t *Team) Create(s *xorm.Session, a web.Auth) (err error) {
// @Failure 400 {object} web.HTTPError "Invalid team object provided."
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id} [delete]
func (t *Team) Delete(s *xorm.Session) (err error) {
func (t *Team) Delete(s *xorm.Session, a web.Auth) (err error) {
// Delete the team
_, err = s.ID(t.ID).Delete(&Team{})
@ -328,7 +328,7 @@ func (t *Team) Delete(s *xorm.Session) (err error) {
// @Failure 400 {object} web.HTTPError "Invalid team object provided."
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id} [post]
func (t *Team) Update(s *xorm.Session) (err error) {
func (t *Team) Update(s *xorm.Session, a web.Auth) (err error) {
// Check if we have a name
if t.Name == "" {
return ErrTeamNameCannotBeEmpty{}

2
pkg/modules/migration/create_from_structure.go
View File

@ -226,7 +226,7 @@ func InsertFromStructure(str []*models.NamespaceWithLists, user *user.User) (err
return err
}
buckets := bucketsIn.([]*models.Bucket)
err = buckets[0].Delete(s)
err = buckets[0].Delete(s, user)
if err != nil {
_ = s.Rollback()
return err

2
pkg/routes/api/v1/login.go
View File

@ -104,7 +104,7 @@ func RenewToken(c echo.Context) (err error) {
if typ == auth.AuthTypeLinkShare {
share := &models.LinkSharing{}
share.ID = int64(claims["id"].(float64))
err := share.ReadOne(s)
err := share.ReadOne(s, share)
if err != nil {
_ = s.Rollback()
return handler.HandleHTTPError(err, c)

2
pkg/routes/api/v1/task_attachment.go
View File

@ -147,7 +147,7 @@ func GetTaskAttachment(c echo.Context) error {
}
// Get the attachment incl file
err = taskAttachment.ReadOne(s)
err = taskAttachment.ReadOne(s, auth)
if err != nil {
_ = s.Rollback()
return handler.HandleHTTPError(err, c)

6
pkg/routes/caldav/listStorageProvider.go
View File

@ -318,7 +318,7 @@ func (vcls *VikunjaCaldavListStorage) UpdateResource(rpath, content string) (*da
}
// Update the task
err = vTask.Update(s)
err = vTask.Update(s, vcls.user)
if err != nil {
_ = s.Rollback()
return nil, err
@ -354,7 +354,7 @@ func (vcls *VikunjaCaldavListStorage) DeleteResource(rpath string) error {
}
// Delete it
err = vcls.task.Delete(s)
err = vcls.task.Delete(s, vcls.user)
if err != nil {
_ = s.Rollback()
return err
@ -458,7 +458,7 @@ func (vcls *VikunjaCaldavListStorage) getListRessource(isCollection bool) (rr Vi
log.Errorf("User %v tried to access a caldav resource (List %v) which they are not allowed to access", vcls.user.Username, vcls.list.ID)
return rr, models.ErrUserDoesNotHaveAccessToList{ListID: vcls.list.ID}
}
err = vcls.list.ReadOne(s)
err = vcls.list.ReadOne(s, vcls.user)
if err != nil {
_ = s.Rollback()
return