Refactored Rights interface to return errors
This commit is contained in:
parent
49b95473bb
commit
0933ac0823
18
Readme.md
18
Readme.md
|
@ -40,7 +40,7 @@ other handler implementations, enabling a lot of flexibility while develeoping.
|
|||
|
||||
* [x] Improve docs/Merge with the ones of Vikunja
|
||||
* [x] Description of web.HTTPError
|
||||
* [ ] Rights methods should return errors (I know, this will break a lot of existing stuff)
|
||||
* [x] Rights methods should return errors (I know, this will break a lot of existing stuff)
|
||||
* [ ] optional Before- and after-{load|update|create} methods which do some preprocessing/after processing like making human-readable names from automatically up counting consts
|
||||
* [ ] "Magic": Check if a passed struct implements Crudable methods and use a general (user defined) function if not
|
||||
|
||||
|
@ -85,18 +85,20 @@ way to do this, don't hesitate to [drop me a message](https://vikunja.io/en/cont
|
|||
|
||||
## Rights
|
||||
|
||||
This interface defines methods to check for rights on structs. They accept an `Auth`-element as parameter and return a `bool`.
|
||||
This interface defines methods to check for rights on structs. They accept an `Auth`-element as parameter and return a `bool` and `error`.
|
||||
|
||||
The `error` is handled [as usual](#errors).
|
||||
|
||||
The interface is defined as followed:
|
||||
|
||||
```go
|
||||
type Rights interface {
|
||||
IsAdmin(Auth) bool
|
||||
CanWrite(Auth) bool
|
||||
CanRead(Auth) bool
|
||||
CanDelete(Auth) bool
|
||||
CanUpdate(Auth) bool
|
||||
CanCreate(Auth) bool
|
||||
IsAdmin(Auth) (bool, error)
|
||||
CanWrite(Auth) (bool, error)
|
||||
CanRead(Auth) (bool, error)
|
||||
CanDelete(Auth) (bool, error)
|
||||
CanUpdate(Auth) (bool, error)
|
||||
CanCreate(Auth) (bool, error)
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
@ -42,7 +42,11 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
|
|||
}
|
||||
|
||||
// Check rights
|
||||
if !currentStruct.CanCreate(currentAuth) {
|
||||
canRead, err := currentStruct.CanCreate(currentAuth)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
if canRead {
|
||||
config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
|
|
@ -40,7 +40,11 @@ func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
|
|||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||
}
|
||||
if !currentStruct.CanDelete(currentAuth) {
|
||||
canDelete, err := currentStruct.CanDelete(currentAuth)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
if canDelete {
|
||||
config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
|
|
@ -42,7 +42,11 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
|
|||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanRead(currentAuth) {
|
||||
canRead, err := currentStruct.CanRead(currentAuth)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
if canRead {
|
||||
config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
|
||||
}
|
||||
|
|
|
@ -41,7 +41,11 @@ func (c *WebHandler) UpdateWeb(ctx echo.Context) error {
|
|||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanUpdate(currentAuth) {
|
||||
canUpdate, err := currentStruct.CanUpdate(currentAuth)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
if canUpdate {
|
||||
config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
|
12
web.go
12
web.go
|
@ -19,12 +19,12 @@ import "github.com/labstack/echo"
|
|||
|
||||
// Rights defines rights methods
|
||||
type Rights interface {
|
||||
IsAdmin(Auth) bool
|
||||
CanWrite(Auth) bool
|
||||
CanRead(Auth) bool
|
||||
CanDelete(Auth) bool
|
||||
CanUpdate(Auth) bool
|
||||
CanCreate(Auth) bool
|
||||
IsAdmin(Auth) (bool, error)
|
||||
CanWrite(Auth) (bool, error)
|
||||
CanRead(Auth) (bool, error)
|
||||
CanDelete(Auth) (bool, error)
|
||||
CanUpdate(Auth) (bool, error)
|
||||
CanCreate(Auth) (bool, error)
|
||||
}
|
||||
|
||||
// CRUDable defines the crud methods
|
||||
|
|
Loading…
Reference in New Issue