initial commit
This commit is contained in:
commit
4c49b0fe6d
|
@ -0,0 +1,61 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// CreateWeb is the handler to create an object
|
||||
func (c *WebHandler) CreateWeb(ctx echo.Context) error {
|
||||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
// Get the object & bind params to struct
|
||||
if err := ParamBinder(currentStruct, ctx); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "No or invalid model provided.")
|
||||
}
|
||||
|
||||
// Validate the struct
|
||||
if err := ctx.Validate(currentStruct); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, err)
|
||||
}
|
||||
|
||||
// Get the user to pass for later checks
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
|
||||
// Check rights
|
||||
if !currentStruct.CanCreate(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to create while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
// Create
|
||||
err = currentStruct.Create(currentAuth)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
|
||||
return ctx.JSON(http.StatusCreated, currentStruct)
|
||||
}
|
|
@ -0,0 +1,58 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
type message struct {
|
||||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
// DeleteWeb is the web handler to delete something
|
||||
func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
|
||||
|
||||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
// Bind params to struct
|
||||
if err := ParamBinder(currentStruct, ctx); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "Invalid URL param.")
|
||||
}
|
||||
|
||||
// Check if the user has the right to delete
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||
}
|
||||
if !currentStruct.CanDelete(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to delete while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
err = currentStruct.Delete()
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
|
||||
return ctx.JSON(http.StatusOK, message{"Successfully deleted."})
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// WebHandler defines the webhandler object
|
||||
// This does web stuff, aka returns json etc. Uses CRUDable Methods to get the data
|
||||
type WebHandler struct {
|
||||
EmptyStruct func() CObject
|
||||
}
|
||||
|
||||
// CObject is the definition of our object, holds the structs
|
||||
type CObject interface {
|
||||
web.CRUDable
|
||||
web.Rights
|
||||
}
|
||||
|
||||
// HandleHTTPError does what it says
|
||||
func HandleHTTPError(err error, ctx echo.Context) *echo.HTTPError {
|
||||
if a, has := err.(web.HTTPErrorProcessor); has {
|
||||
errDetails := a.HTTPError()
|
||||
return echo.NewHTTPError(errDetails.HTTPCode, errDetails)
|
||||
}
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||
}
|
|
@ -0,0 +1,288 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"github.com/labstack/echo"
|
||||
"reflect"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
const paramTagName = "param"
|
||||
|
||||
// ParamBinder binds parameters to a struct.
|
||||
// Currently a working implementation, waiting to implement this officially into echo.
|
||||
func ParamBinder(i interface{}, c echo.Context) (err error) {
|
||||
|
||||
// Default binder
|
||||
db := new(echo.DefaultBinder)
|
||||
if err = db.Bind(i, c); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
paramNames := c.ParamNames()
|
||||
paramValues := c.ParamValues()
|
||||
paramVars := make(map[string][]string)
|
||||
for in, name := range paramNames {
|
||||
// Hotfix for an echo bug where a param name would show up which dont exist
|
||||
names := strings.Split(name, ",")
|
||||
for _, n := range names {
|
||||
paramVars[n] = append(paramVars[name], paramValues[in])
|
||||
}
|
||||
}
|
||||
|
||||
b := Binder{}
|
||||
err = b.bindData(i, paramVars, paramTagName)
|
||||
|
||||
/*
|
||||
// Our custom magic starts here
|
||||
paramNames := c.ParamNames()
|
||||
paramValues := c.ParamValues()
|
||||
|
||||
v := reflect.ValueOf(i)
|
||||
t := reflect.TypeOf(i)
|
||||
s := reflect.ValueOf(i).Elem()
|
||||
for i := 0; i < v.NumField(); i++ {
|
||||
field := t.Field(i)
|
||||
f := s.Field(i)
|
||||
|
||||
// Check if it has a param tag
|
||||
tag := field.Tag.Get(paramTagName)
|
||||
if tag != "" {
|
||||
// If it has one, range over all url parameters to see if we have a match
|
||||
for in, name := range paramNames {
|
||||
// Found match
|
||||
if tag == name {
|
||||
// Put the value of that match in our sruct
|
||||
switch field.Type.Name() {
|
||||
case "int64": // SetInt only accepts int64, so the struct field can only have int64 of int (no int32/16/int...)
|
||||
intParam, err := strconv.ParseInt(paramValues[in], 10, 64)
|
||||
f.SetInt(intParam)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
case "string":
|
||||
f.SetString(paramValues[in])
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
//f.SetString("blub")
|
||||
|
||||
}*/
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// Binder represents a binder
|
||||
type Binder struct{}
|
||||
|
||||
func (b *Binder) bindData(ptr interface{}, data map[string][]string, tag string) error {
|
||||
typ := reflect.TypeOf(ptr).Elem()
|
||||
val := reflect.ValueOf(ptr).Elem()
|
||||
|
||||
if typ.Kind() != reflect.Struct {
|
||||
return errors.New("Binding element must be a struct")
|
||||
}
|
||||
|
||||
for i := 0; i < typ.NumField(); i++ {
|
||||
typeField := typ.Field(i)
|
||||
structField := val.Field(i)
|
||||
if !structField.CanSet() {
|
||||
continue
|
||||
}
|
||||
structFieldKind := structField.Kind()
|
||||
inputFieldName := typeField.Tag.Get(tag)
|
||||
|
||||
if inputFieldName == "" {
|
||||
inputFieldName = typeField.Name
|
||||
// If tag is nil, we inspect if the field is a struct.
|
||||
if _, ok := bindUnmarshaler(structField); !ok && structFieldKind == reflect.Struct {
|
||||
err := b.bindData(structField.Addr().Interface(), data, tag)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
continue
|
||||
}
|
||||
}
|
||||
inputValue, exists := data[inputFieldName]
|
||||
if !exists {
|
||||
continue
|
||||
}
|
||||
|
||||
// Call this first, in case we're dealing with an alias to an array type
|
||||
if ok, err := unmarshalField(typeField.Type.Kind(), inputValue[0], structField); ok {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
continue
|
||||
}
|
||||
|
||||
numElems := len(inputValue)
|
||||
if structFieldKind == reflect.Slice && numElems > 0 {
|
||||
sliceOf := structField.Type().Elem().Kind()
|
||||
slice := reflect.MakeSlice(structField.Type(), numElems, numElems)
|
||||
for j := 0; j < numElems; j++ {
|
||||
if err := setWithProperType(sliceOf, inputValue[j], slice.Index(j)); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
val.Field(i).Set(slice)
|
||||
} else {
|
||||
if err := setWithProperType(typeField.Type.Kind(), inputValue[0], structField); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setWithProperType(valueKind reflect.Kind, val string, structField reflect.Value) error {
|
||||
// But also call it here, in case we're dealing with an array of BindUnmarshalers
|
||||
if ok, err := unmarshalField(valueKind, val, structField); ok {
|
||||
return err
|
||||
}
|
||||
|
||||
switch valueKind {
|
||||
case reflect.Int:
|
||||
return setIntField(val, 0, structField)
|
||||
case reflect.Int8:
|
||||
return setIntField(val, 8, structField)
|
||||
case reflect.Int16:
|
||||
return setIntField(val, 16, structField)
|
||||
case reflect.Int32:
|
||||
return setIntField(val, 32, structField)
|
||||
case reflect.Int64:
|
||||
return setIntField(val, 64, structField)
|
||||
case reflect.Uint:
|
||||
return setUintField(val, 0, structField)
|
||||
case reflect.Uint8:
|
||||
return setUintField(val, 8, structField)
|
||||
case reflect.Uint16:
|
||||
return setUintField(val, 16, structField)
|
||||
case reflect.Uint32:
|
||||
return setUintField(val, 32, structField)
|
||||
case reflect.Uint64:
|
||||
return setUintField(val, 64, structField)
|
||||
case reflect.Bool:
|
||||
return setBoolField(val, structField)
|
||||
case reflect.Float32:
|
||||
return setFloatField(val, 32, structField)
|
||||
case reflect.Float64:
|
||||
return setFloatField(val, 64, structField)
|
||||
case reflect.String:
|
||||
structField.SetString(val)
|
||||
default:
|
||||
return errors.New("unknown type")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setIntField(value string, bitSize int, field reflect.Value) error {
|
||||
if value == "" {
|
||||
value = "0"
|
||||
}
|
||||
intVal, err := strconv.ParseInt(value, 10, bitSize)
|
||||
if err == nil {
|
||||
field.SetInt(intVal)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func setUintField(value string, bitSize int, field reflect.Value) error {
|
||||
if value == "" {
|
||||
value = "0"
|
||||
}
|
||||
uintVal, err := strconv.ParseUint(value, 10, bitSize)
|
||||
if err == nil {
|
||||
field.SetUint(uintVal)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func setBoolField(value string, field reflect.Value) error {
|
||||
if value == "" {
|
||||
value = "false"
|
||||
}
|
||||
boolVal, err := strconv.ParseBool(value)
|
||||
if err == nil {
|
||||
field.SetBool(boolVal)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func setFloatField(value string, bitSize int, field reflect.Value) error {
|
||||
if value == "" {
|
||||
value = "0.0"
|
||||
}
|
||||
floatVal, err := strconv.ParseFloat(value, bitSize)
|
||||
if err == nil {
|
||||
field.SetFloat(floatVal)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
// BindUnmarshaler type
|
||||
type BindUnmarshaler interface {
|
||||
// UnmarshalParam decodes and assigns a value from an form or query param.
|
||||
UnmarshalParam(param string) error
|
||||
}
|
||||
|
||||
// bindUnmarshaler attempts to unmarshal a reflect.Value into a BindUnmarshaler
|
||||
func bindUnmarshaler(field reflect.Value) (BindUnmarshaler, bool) {
|
||||
ptr := reflect.New(field.Type())
|
||||
if ptr.CanInterface() {
|
||||
iface := ptr.Interface()
|
||||
if unmarshaler, ok := iface.(BindUnmarshaler); ok {
|
||||
return unmarshaler, ok
|
||||
}
|
||||
}
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func unmarshalField(valueKind reflect.Kind, val string, field reflect.Value) (bool, error) {
|
||||
switch valueKind {
|
||||
case reflect.Ptr:
|
||||
return unmarshalFieldPtr(val, field)
|
||||
default:
|
||||
return unmarshalFieldNonPtr(val, field)
|
||||
}
|
||||
}
|
||||
|
||||
func unmarshalFieldNonPtr(value string, field reflect.Value) (bool, error) {
|
||||
if unmarshaler, ok := bindUnmarshaler(field); ok {
|
||||
err := unmarshaler.UnmarshalParam(value)
|
||||
field.Set(reflect.ValueOf(unmarshaler).Elem())
|
||||
return true, err
|
||||
}
|
||||
return false, nil
|
||||
}
|
||||
|
||||
func unmarshalFieldPtr(value string, field reflect.Value) (bool, error) {
|
||||
if field.IsNil() {
|
||||
// Initialize the pointer to a nil value
|
||||
field.Set(reflect.New(field.Type().Elem()))
|
||||
}
|
||||
return unmarshalFieldNonPtr(value, field.Elem())
|
||||
}
|
|
@ -0,0 +1,66 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
"strconv"
|
||||
)
|
||||
|
||||
// ReadAllWeb is the webhandler to get all objects of a type
|
||||
func (c *WebHandler) ReadAllWeb(ctx echo.Context) error {
|
||||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
|
||||
// Get the object & bind params to struct
|
||||
if err := ParamBinder(currentStruct, ctx); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "No or invalid model provided.")
|
||||
}
|
||||
|
||||
// Pagination
|
||||
page := ctx.QueryParam("page")
|
||||
if page == "" {
|
||||
page = "1"
|
||||
}
|
||||
pageNumber, err := strconv.Atoi(page)
|
||||
if err != nil {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "Bad page requested.")
|
||||
}
|
||||
if pageNumber < 0 {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "Bad page requested.")
|
||||
}
|
||||
|
||||
// Search
|
||||
search := ctx.QueryParam("s")
|
||||
|
||||
lists, err := currentStruct.ReadAll(search, currentAuth, pageNumber)
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
|
||||
return ctx.JSON(http.StatusOK, lists)
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// ReadOneWeb is the webhandler to get one object
|
||||
func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
|
||||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
// Get the object & bind params to struct
|
||||
if err := ParamBinder(currentStruct, ctx); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "No or invalid model provided.")
|
||||
}
|
||||
|
||||
// Get our object
|
||||
err := currentStruct.ReadOne()
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
|
||||
// Check rights
|
||||
// We can only check the rights on a full object, which is why we need to check it afterwards
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanRead(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to read one while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
|
||||
}
|
||||
|
||||
return ctx.JSON(http.StatusOK, currentStruct)
|
||||
}
|
|
@ -0,0 +1,60 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/api/pkg/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
// UpdateWeb is the webhandler to update an object
|
||||
func (c *WebHandler) UpdateWeb(ctx echo.Context) error {
|
||||
|
||||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
// Get the object & bind params to struct
|
||||
if err := ParamBinder(currentStruct, ctx); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "No or invalid model provided.")
|
||||
}
|
||||
|
||||
// Validate the struct
|
||||
if err := ctx.Validate(currentStruct); err != nil {
|
||||
return echo.NewHTTPError(http.StatusBadRequest, err)
|
||||
}
|
||||
|
||||
// Check if the user has the right to do that
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanUpdate(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to update while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
// Do the update
|
||||
err = currentStruct.Update()
|
||||
if err != nil {
|
||||
return HandleHTTPError(err, ctx)
|
||||
}
|
||||
|
||||
return ctx.JSON(http.StatusOK, currentStruct)
|
||||
}
|
|
@ -0,0 +1,65 @@
|
|||
// Vikunja is a todo-list application to facilitate your life.
|
||||
// Copyright 2018 Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package web
|
||||
|
||||
import "github.com/labstack/echo"
|
||||
|
||||
// Rights defines rights methods
|
||||
type Rights interface {
|
||||
IsAdmin(Auth) bool
|
||||
CanWrite(Auth) bool
|
||||
CanRead(Auth) bool
|
||||
CanDelete(Auth) bool
|
||||
CanUpdate(Auth) bool
|
||||
CanCreate(Auth) bool
|
||||
}
|
||||
|
||||
// CRUDable defines the crud methods
|
||||
type CRUDable interface {
|
||||
Create(Auth) error
|
||||
ReadOne() error
|
||||
ReadAll(string, Auth, int) (interface{}, error)
|
||||
Update() error
|
||||
Delete() error
|
||||
}
|
||||
|
||||
// HTTPErrorProcessor is executed when the defined error is thrown, it will make sure the user sees an appropriate error message and http status code
|
||||
type HTTPErrorProcessor interface {
|
||||
HTTPError() HTTPError
|
||||
}
|
||||
|
||||
// HTTPError holds informations about an http error
|
||||
type HTTPError struct {
|
||||
HTTPCode int `json:"-"`
|
||||
Code int `json:"code"`
|
||||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
// Auth defines the authentication interface used to get some auth thing
|
||||
type Auth interface {
|
||||
AuthDummy()
|
||||
}
|
||||
|
||||
// Authprovider is a holder for the implementation of an authprovider by the application
|
||||
type Authprovider interface {
|
||||
GetAuthObject(echo.Context) (Auth, error)
|
||||
}
|
||||
|
||||
// Auths holds the authobject
|
||||
type Auths struct {
|
||||
AuthObject func(echo.Context) (Auth, error)
|
||||
}
|
Loading…
Reference in New Issue