Refactored config
This commit is contained in:
parent
1c90eb2253
commit
fcaf01fb20
15
Readme.md
15
Readme.md
|
@ -120,17 +120,12 @@ not allowed to do and so on.
|
|||
#### Full Example
|
||||
|
||||
```go
|
||||
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||
return func(c echo.Context) error {
|
||||
c.Set("AuthProvider", &web.Auths{
|
||||
AuthObject: func(echo.Context) (web.Auth, error) {
|
||||
return models.GetCurrentUser(c) // Your functions
|
||||
},
|
||||
})
|
||||
c.Set("LoggingProvider", &log.Log)
|
||||
return next(c)
|
||||
}
|
||||
handler.SetAuthProvider(&web.Auths{
|
||||
AuthObject: func(echo.Context) (web.Auth, error) {
|
||||
return models.GetCurrentUser(c) // Your functions
|
||||
},
|
||||
})
|
||||
handler.SetLoggingProvider(&log.Log)
|
||||
```
|
||||
|
||||
## Preprocessing
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
// Copyright (c) 2019 Vikunja and contributors.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Lesser General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public License
|
||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
//
|
||||
|
||||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/op/go-logging"
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
AuthProvider *web.Auths
|
||||
LoggingProvider *logging.Logger
|
||||
}
|
||||
|
||||
var config *Config
|
||||
|
||||
func SetAuthProvider(provider *web.Auths) {
|
||||
config.AuthProvider = provider
|
||||
}
|
||||
|
||||
func SetLoggingProvider(logger *logging.Logger) {
|
||||
config.LoggingProvider = logger
|
||||
}
|
||||
|
||||
/**
|
||||
c.Set("AuthProvider", &web.Auths{
|
||||
AuthObject: func(echo.Context) (web.Auth, error) {
|
||||
return models.GetCurrentUser(c) // Your functions
|
||||
},
|
||||
})
|
||||
c.Set("LoggingProvider", &log.Log)
|
||||
return next(c)
|
||||
*/
|
|
@ -16,9 +16,7 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -38,15 +36,14 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
|
|||
}
|
||||
|
||||
// Get the user to pass for later checks
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
|
||||
// Check rights
|
||||
if !currentStruct.CanCreate(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to create while not having the rights for it", currentAuth)
|
||||
config.LoggingProvider.Noticef("Tried to create while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
|
|
|
@ -16,9 +16,7 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -38,13 +36,12 @@ func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
|
|||
}
|
||||
|
||||
// Check if the user has the right to delete
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||
}
|
||||
if !currentStruct.CanDelete(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to delete while not having the rights for it", currentAuth)
|
||||
config.LoggingProvider.Noticef("Tried to delete while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
|
|
|
@ -18,7 +18,6 @@ package handler
|
|||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -40,6 +39,6 @@ func HandleHTTPError(err error, ctx echo.Context) *echo.HTTPError {
|
|||
errDetails := a.HTTPError()
|
||||
return echo.NewHTTPError(errDetails.HTTPCode, errDetails)
|
||||
}
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
||||
config.LoggingProvider.Error(err.Error())
|
||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||
}
|
||||
|
|
|
@ -16,9 +16,7 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
"strconv"
|
||||
)
|
||||
|
@ -28,8 +26,7 @@ func (c *WebHandler) ReadAllWeb(ctx echo.Context) error {
|
|||
// Get our model
|
||||
currentStruct := c.EmptyStruct()
|
||||
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
|
@ -46,7 +43,7 @@ func (c *WebHandler) ReadAllWeb(ctx echo.Context) error {
|
|||
}
|
||||
pageNumber, err := strconv.Atoi(page)
|
||||
if err != nil {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
||||
config.LoggingProvider.Error(err.Error())
|
||||
return echo.NewHTTPError(http.StatusBadRequest, "Bad page requested.")
|
||||
}
|
||||
if pageNumber < 0 {
|
||||
|
|
|
@ -16,9 +16,7 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -40,13 +38,12 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
|
|||
|
||||
// Check rights
|
||||
// We can only check the rights on a full object, which is why we need to check it afterwards
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanRead(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to read one while not having the rights for it", currentAuth)
|
||||
config.LoggingProvider.Noticef("Tried to read one while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
|
||||
}
|
||||
|
||||
|
|
|
@ -16,9 +16,7 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"github.com/labstack/echo"
|
||||
"github.com/op/go-logging"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -39,13 +37,12 @@ func (c *WebHandler) UpdateWeb(ctx echo.Context) error {
|
|||
}
|
||||
|
||||
// Check if the user has the right to do that
|
||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
||||
currentAuth, err := authprovider.AuthObject(ctx)
|
||||
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||
}
|
||||
if !currentStruct.CanUpdate(currentAuth) {
|
||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to update while not having the rights for it", currentAuth)
|
||||
config.LoggingProvider.Noticef("Tried to update while not having the rights for it", currentAuth)
|
||||
return echo.NewHTTPError(http.StatusForbidden)
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue