Simplify list rights check (#50)

This commit is contained in:
konrad 2019-01-14 21:49:50 +00:00 committed by Gitea
parent 3d05d0aa45
commit 17fefae8bb
3 changed files with 38 additions and 36 deletions

View file

@ -156,7 +156,7 @@ Sorry for some of them being in German, I'll tranlate them at some point.
### Refactor
* [ ] ListTaskRights, sollte überall gleich funktionieren, gibt ja mittlerweile auch eine Methode um liste von nem Task aus zu kriegen oder so
* [x] ListTaskRights, sollte überall gleich funktionieren, gibt ja mittlerweile auch eine Methode um liste von nem Task aus zu kriegen oder so
### Linters

View file

@ -71,14 +71,14 @@ func dummy2() {
// @Success 200 {array} models.List "The tasks"
// @Failure 500 {object} models.Message "Internal error"
// @Router /tasks/all [get]
func (lt *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, error) {
func (t *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, error) {
u, err := getUserWithError(a)
if err != nil {
return nil, err
}
var sortby SortBy
switch lt.Sorting {
switch t.Sorting {
case "priority":
sortby = SortTasksByPriorityDesc
case "prioritydesc":
@ -95,7 +95,7 @@ func (lt *ListTask) ReadAll(search string, a web.Auth, page int) (interface{}, e
sortby = SortTasksByUnsorted
}
return GetTasksByUser(search, u, page, sortby, time.Unix(lt.StartDateSortUnix, 0), time.Unix(lt.EndDateSortUnix, 0))
return GetTasksByUser(search, u, page, sortby, time.Unix(t.StartDateSortUnix, 0), time.Unix(t.EndDateSortUnix, 0))
}
//GetTasksByUser returns all tasks for a user

View file

@ -23,49 +23,25 @@ import (
// CanDelete checks if the user can delete an task
func (t *ListTask) CanDelete(a web.Auth) bool {
doer := getUserForRights(a)
// Get the task
lI, err := GetListTaskByID(t.ID)
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
// A user can delete an task if he has write acces to its list
l := &List{ID: lI.ListID}
l.ReadOne()
return l.CanWrite(doer)
return t.canDoListTask(a)
}
// CanUpdate determines if a user has the right to update a list task
func (t *ListTask) CanUpdate(a web.Auth) bool {
doer := getUserForRights(a)
// Get the task
lI, err := getTaskByIDSimple(t.ID)
if err != nil {
log.Log.Error("Error occurred during CanUpdate (getTaskByIDSimple) for ListTask: %s", err)
return false
}
// A user can update an task if he has write acces to its list
l := &List{ID: lI.ListID}
err = l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanUpdate (ReadOne) for ListTask: %s", err)
return false
}
return l.CanWrite(doer)
return t.canDoListTask(a)
}
// CanCreate determines if a user has the right to create a list task
func (t *ListTask) CanCreate(a web.Auth) bool {
doer := getUserForRights(a)
// A user can create an task if he has write acces to its list
// A user can do a task if he has write acces to its list
l := &List{ID: t.ListID}
l.ReadOne()
err := l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
return l.CanWrite(doer)
}
@ -73,5 +49,31 @@ func (t *ListTask) CanCreate(a web.Auth) bool {
func (t *ListTask) CanRead(a web.Auth) bool {
// A user can read a task if it has access to the list
list := &List{ID: t.ListID}
err := list.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanRead for ListTask: %s", err)
return false
}
return list.CanRead(a)
}
// Helper function to check if a user can do stuff on a list task
func (t *ListTask) canDoListTask(a web.Auth) bool {
doer := getUserForRights(a)
// Get the task
lI, err := getTaskByIDSimple(t.ID)
if err != nil {
log.Log.Error("Error occurred during canDoListTask (getTaskByIDSimple) for ListTask: %s", err)
return false
}
// A user can do a task if he has write acces to its list
l := &List{ID: lI.ListID}
err = l.GetSimpleByID()
if err != nil {
log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false
}
return l.CanWrite(doer)
}