local-it/vikunja-api
0
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Simplify list rights check (#50)

Browse source
This commit is contained in:
konrad 2019-01-14 21:49:50 +00:00 committed by Gitea
parent 3d05d0aa45
commit 17fefae8bb
3 changed files with 38 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Featurecreep.md
View file

@ -156,7 +156,7 @@ Sorry for some of them being in German, I'll tranlate them at some point.
### Refactor ### Refactor
* [ ] ListTaskRights, sollte überall gleich funktionieren, gibt ja mittlerweile auch eine Methode um liste von nem Task aus zu kriegen oder so * [x] ListTaskRights, sollte überall gleich funktionieren, gibt ja mittlerweile auch eine Methode um liste von nem Task aus zu kriegen oder so
### Linters ### Linters

6
pkg/models/list_task_readall.go
View file

@ -71,14 +71,14 @@ func dummy2() {
// @Success 200 {array} models.List "The tasks" // @Success 200 {array} models.List "The tasks"
// @Failure 500 {object} models.Message "Internal error" // @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/all [get] // @Router /tasks/all [get]
func (lt *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, error) { func (t *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, error) {
u, err := getUserWithError(a) u, err := getUserWithError(a)
if err != nil { if err != nil {
return nil, err return nil, err
} }
var sortby SortBy var sortby SortBy
switch lt.Sorting { switch t.Sorting {
case "priority": case "priority":
sortby = SortTasksByPriorityDesc sortby = SortTasksByPriorityDesc
case "prioritydesc": case "prioritydesc":
@ -95,7 +95,7 @@ func (lt *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, e
sortby = SortTasksByUnsorted sortby = SortTasksByUnsorted
} }
return GetTasksByUser(search, u, page, sortby, time.Unix(lt.StartDateSortUnix, 0), time.Unix(lt.EndDateSortUnix, 0)) return GetTasksByUser(search, u, page, sortby, time.Unix(t.StartDateSortUnix, 0), time.Unix(t.EndDateSortUnix, 0))
} }
//GetTasksByUser returns all tasks for a user //GetTasksByUser returns all tasks for a user

66
pkg/models/list_tasks_rights.go
View file

@ -23,49 +23,25 @@ import (
// CanDelete checks if the user can delete an task // CanDelete checks if the user can delete an task
func (t *ListTask) CanDelete(a web.Auth) bool { func (t *ListTask) CanDelete(a web.Auth) bool {
doer := getUserForRights(a) return t.canDoListTask(a)
// Get the task
lI, err := GetListTaskByID(t.ID)
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
// A user can delete an task if he has write acces to its list
l := &List{ID: lI.ListID}
l.ReadOne()
return l.CanWrite(doer)
} }
// CanUpdate determines if a user has the right to update a list task // CanUpdate determines if a user has the right to update a list task
func (t *ListTask) CanUpdate(a web.Auth) bool { func (t *ListTask) CanUpdate(a web.Auth) bool {
doer := getUserForRights(a) return t.canDoListTask(a)
// Get the task
lI, err := getTaskByIDSimple(t.ID)
if err != nil {
log.Log.Error("Error occurred during CanUpdate (getTaskByIDSimple) for ListTask: %s", err)
return false
}
// A user can update an task if he has write acces to its list
l := &List{ID: lI.ListID}
err = l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanUpdate (ReadOne) for ListTask: %s", err)
return false
}
return l.CanWrite(doer)
} }
// CanCreate determines if a user has the right to create a list task // CanCreate determines if a user has the right to create a list task
func (t *ListTask) CanCreate(a web.Auth) bool { func (t *ListTask) CanCreate(a web.Auth) bool {
doer := getUserForRights(a) doer := getUserForRights(a)
// A user can create an task if he has write acces to its list // A user can do a task if he has write acces to its list
l := &List{ID: t.ListID} l := &List{ID: t.ListID}
l.ReadOne() err := l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
return l.CanWrite(doer) return l.CanWrite(doer)
} }
@ -73,5 +49,31 @@ func (t *ListTask) CanCreate(a web.Auth) bool {
func (t *ListTask) CanRead(a web.Auth) bool { func (t *ListTask) CanRead(a web.Auth) bool {
// A user can read a task if it has access to the list // A user can read a task if it has access to the list
list := &List{ID: t.ListID} list := &List{ID: t.ListID}
err := list.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanRead for ListTask: %s", err)
return false
}
return list.CanRead(a) return list.CanRead(a)
} }
// Helper function to check if a user can do stuff on a list task
func (t *ListTask) canDoListTask(a web.Auth) bool {
doer := getUserForRights(a)
// Get the task
lI, err := getTaskByIDSimple(t.ID)
if err != nil {
log.Log.Error("Error occurred during canDoListTask (getTaskByIDSimple) for ListTask: %s", err)
return false
}
// A user can do a task if he has write acces to its list
l := &List{ID: lI.ListID}
err = l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
return l.CanWrite(doer)
}