New structure (#7)

This commit is contained in:
konrad 2018-10-31 12:42:38 +00:00 committed by Gitea
parent 3f9fad0e2a
commit 301a4eedda
104 changed files with 326 additions and 280 deletions

20
main.go
View file

@ -1,9 +1,11 @@
package main package main
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/config"
"code.vikunja.io/api/models/mail" "code.vikunja.io/api/pkg/log"
"code.vikunja.io/api/routes" "code.vikunja.io/api/pkg/mail"
"code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/pkg/routes"
"context" "context"
"github.com/spf13/viper" "github.com/spf13/viper"
@ -18,19 +20,19 @@ var Version = "0.1"
func main() { func main() {
// Init logging // Init logging
models.InitLogger() log.InitLogger()
// Init Config // Init Config
err := models.InitConfig() err := config.InitConfig()
if err != nil { if err != nil {
models.Log.Error(err.Error()) log.Log.Error(err.Error())
os.Exit(1) os.Exit(1)
} }
// Set Engine // Set Engine
err = models.SetEngine() err = models.SetEngine()
if err != nil { if err != nil {
models.Log.Error(err.Error()) log.Log.Error(err.Error())
os.Exit(1) os.Exit(1)
} }
@ -38,7 +40,7 @@ func main() {
mail.StartMailDaemon() mail.StartMailDaemon()
// Version notification // Version notification
models.Log.Infof("Vikunja version %s", Version) log.Log.Infof("Vikunja version %s", Version)
// Start the webserver // Start the webserver
e := routes.NewEcho() e := routes.NewEcho()
@ -57,7 +59,7 @@ func main() {
<-quit <-quit
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel() defer cancel()
models.Log.Infof("Sutting down...") log.Log.Infof("Shutting down...")
if err := e.Shutdown(ctx); err != nil { if err := e.Shutdown(ctx); err != nil {
e.Logger.Fatal(err) e.Logger.Fatal(err)
} }

View file

@ -1,80 +0,0 @@
package models
// TeamRight defines the rights teams can have for lists/namespaces
type TeamRight int
// define unknown team right
const (
TeamRightUnknown = -1
)
// Enumerate all the team rights
const (
// Can read lists in a Team
TeamRightRead TeamRight = iota
// Can write tasks in a Team like lists and todo tasks. Cannot create new lists.
TeamRightWrite
// Can manage a list/namespace, can do everything
TeamRightAdmin
)
func (r TeamRight) isValid() error {
if r != TeamRightAdmin && r != TeamRightRead && r != TeamRightWrite {
return ErrInvalidTeamRight{r}
}
return nil
}
// CanCreate checks if the user can create a new team
func (t *Team) CanCreate(user *User) bool {
// This is currently a dummy function, later on we could imagine global limits etc.
return true
}
// CanUpdate checks if the user can update a team
func (t *Team) CanUpdate(user *User) bool {
// Check if the current user is in the team and has admin rights in it
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", user.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanDelete checks if a user can delete a team
func (t *Team) CanDelete(user *User) bool {
return t.IsAdmin(user)
}
// IsAdmin returns true when the user is admin of a team
func (t *Team) IsAdmin(user *User) bool {
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", user.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanRead returns true if the user has read access to the team
func (t *Team) CanRead(user *User) bool {
// Check if the user is in the team
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", user.ID).
Get(&TeamMember{})
if err != nil {
Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}

View file

@ -1,4 +1,4 @@
package models package config
import ( import (
"crypto/rand" "crypto/rand"

View file

@ -1,4 +1,4 @@
package models package log
import ( import (
"github.com/op/go-logging" "github.com/op/go-logging"

View file

@ -1,8 +1,8 @@
package mail package mail
import ( import (
"code.vikunja.io/api/pkg/log"
"crypto/tls" "crypto/tls"
"fmt"
"github.com/spf13/viper" "github.com/spf13/viper"
"gopkg.in/gomail.v2" "gopkg.in/gomail.v2"
"time" "time"
@ -16,8 +16,7 @@ func StartMailDaemon() {
Queue = make(chan *gomail.Message, viper.GetInt("mailer.queuelength")) Queue = make(chan *gomail.Message, viper.GetInt("mailer.queuelength"))
if viper.GetString("mailer.host") == "" { if viper.GetString("mailer.host") == "" {
//models.Log.Warning("Mailer seems to be not configured! Please see the config docs for more details.") log.Log.Warning("Mailer seems to be not configured! Please see the config docs for more details.")
fmt.Println("Mailer seems to be not configured! Please see the config docs for more details.")
return return
} }
@ -36,23 +35,21 @@ func StartMailDaemon() {
} }
if !open { if !open {
if s, err = d.Dial(); err != nil { if s, err = d.Dial(); err != nil {
// models.Log.Error("Error during connect to smtp server: %s", err) log.Log.Error("Error during connect to smtp server: %s", err)
fmt.Printf("Error during connect to smtp server: %s \n", err)
} }
open = true open = true
} }
if err := gomail.Send(s, m); err != nil { if err := gomail.Send(s, m); err != nil {
// models.Log.Error("Error when sending mail: %s", err) log.Log.Error("Error when sending mail: %s", err)
fmt.Printf("Error when sending mail: %s \n", err)
} }
// Close the connection to the SMTP server if no email was sent in // Close the connection to the SMTP server if no email was sent in
// the last 30 seconds. // the last 30 seconds.
case <-time.After(viper.GetDuration("mailer.queuetimeout") * time.Second): case <-time.After(viper.GetDuration("mailer.queuetimeout") * time.Second):
if open { if open {
if err := s.Close(); err != nil { if err := s.Close(); err != nil {
fmt.Printf("Error closing the mail server connection: %s\n", err) log.Log.Error("Error closing the mail server connection: %s\n", err)
} }
fmt.Println("Closed connection to mailserver") log.Log.Infof("Closed connection to mailserver")
open = false open = false
} }
} }

View file

@ -2,7 +2,7 @@ package mail
import ( import (
"bytes" "bytes"
"code.vikunja.io/api/models/utils" "code.vikunja.io/api/pkg/utils"
"github.com/labstack/gommon/log" "github.com/labstack/gommon/log"
"github.com/spf13/viper" "github.com/spf13/viper"
"gopkg.in/gomail.v2" "gopkg.in/gomail.v2"

View file

@ -25,9 +25,9 @@ func GetListsByNamespaceID(nID int64) (lists []*List, err error) {
} }
// ReadAll gets all lists a user has access to // ReadAll gets all lists a user has access to
func (l *List) ReadAll(user *User) (interface{}, error) { func (l *List) ReadAll(u *User) (interface{}, error) {
lists := []*List{} lists := []*List{}
fullUser, err := GetUserByID(user.ID) fullUser, err := GetUserByID(u.ID)
if err != nil { if err != nil {
return lists, err return lists, err
} }
@ -53,7 +53,7 @@ func (l *List) ReadAll(user *User) (interface{}, error) {
Find(&lists) Find(&lists)
// Add more list details // Add more list details
addListDetails(lists) AddListDetails(lists)
return lists, err return lists, err
} }
@ -98,8 +98,8 @@ func (l *List) GetSimpleByID() (err error) {
return return
} }
// Adds owner user objects and list tasks to all lists in the slice // AddListDetails adds owner user objects and list tasks to all lists in the slice
func addListDetails(lists []*List) (err error) { func AddListDetails(lists []*List) (err error) {
var listIDs []int64 var listIDs []int64
var ownerIDs []int64 var ownerIDs []int64
for _, l := range lists { for _, l := range lists {
@ -108,8 +108,8 @@ func addListDetails(lists []*List) (err error) {
} }
// Get all tasks // Get all tasks
tasks := []*ListTask{} ts := []*ListTask{}
err = x.In("list_id", listIDs).Find(&tasks) err = x.In("list_id", listIDs).Find(&ts)
if err != nil { if err != nil {
return return
} }
@ -132,7 +132,7 @@ func addListDetails(lists []*List) (err error) {
} }
// Tasks // Tasks
for _, task := range tasks { for _, task := range ts {
if task.ListID == list.ID { if task.ListID == list.ID {
lists[in].Tasks = append(lists[in].Tasks, task) lists[in].Tasks = append(lists[in].Tasks, task)
} }

View file

@ -44,13 +44,13 @@ func (l *List) Update() (err error) {
// Create implements the create method of CRUDable // Create implements the create method of CRUDable
func (l *List) Create(doer *User) (err error) { func (l *List) Create(doer *User) (err error) {
// Check rights // Check rights
user, err := GetUserByID(doer.ID) u, err := GetUserByID(doer.ID)
if err != nil { if err != nil {
return return
} }
l.OwnerID = user.ID l.OwnerID = u.ID
l.Owner.ID = user.ID l.Owner.ID = u.ID
l.ID = 0 // Otherwise only the first time a new list would be created l.ID = 0 // Otherwise only the first time a new list would be created
return CreateOrUpdateList(l) return CreateOrUpdateList(l)

View file

@ -16,11 +16,11 @@ func TestList_ReadAll(t *testing.T) {
assert.Equal(t, len(lists), 2) assert.Equal(t, len(lists), 2)
// Get all lists our user has access to // Get all lists our user has access to
user, err := GetUserByID(1) u, err := GetUserByID(1)
assert.NoError(t, err) assert.NoError(t, err)
lists2 := List{} lists2 := List{}
lists3, err := lists2.ReadAll(&user) lists3, err := lists2.ReadAll(&u)
assert.NoError(t, err) assert.NoError(t, err)
assert.Equal(t, reflect.TypeOf(lists3).Kind(), reflect.Slice) assert.Equal(t, reflect.TypeOf(lists3).Kind(), reflect.Slice)
s := reflect.ValueOf(lists3) s := reflect.ValueOf(lists3)

View file

@ -1,18 +1,22 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// IsAdmin returns whether the user has admin rights on the list or not // IsAdmin returns whether the user has admin rights on the list or not
func (l *List) IsAdmin(user *User) bool { func (l *List) IsAdmin(u *User) bool {
// Owners are always admins // Owners are always admins
if l.Owner.ID == user.ID { if l.Owner.ID == u.ID {
return true return true
} }
// Check individual rights // Check individual rights
if l.checkListUserRight(user, UserRightAdmin) { if l.checkListUserRight(u, UserRightAdmin) {
return true return true
} }
return l.checkListTeamRight(user, TeamRightAdmin) return l.checkListTeamRight(u, TeamRightAdmin)
} }
// CanWrite return whether the user can write on that list or not // CanWrite return whether the user can write on that list or not
@ -48,7 +52,7 @@ func (l *List) CanRead(user *User) bool {
// CanDelete checks if the user can delete a list // CanDelete checks if the user can delete a list
func (l *List) CanDelete(doer *User) bool { func (l *List) CanDelete(doer *User) bool {
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanDelete for List: %s", err) log.Log.Error("Error occurred during CanDelete for List: %s", err)
return false return false
} }
return l.IsAdmin(doer) return l.IsAdmin(doer)
@ -57,7 +61,7 @@ func (l *List) CanDelete(doer *User) bool {
// CanUpdate checks if the user can update a list // CanUpdate checks if the user can update a list
func (l *List) CanUpdate(doer *User) bool { func (l *List) CanUpdate(doer *User) bool {
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanUpdate for List: %s", err) log.Log.Error("Error occurred during CanUpdate for List: %s", err)
return false return false
} }
return l.CanWrite(doer) return l.CanWrite(doer)
@ -82,7 +86,7 @@ func (l *List) checkListTeamRight(user *User, r TeamRight) bool {
user.ID, r, user.ID, r, l.ID). user.ID, r, user.ID, r, l.ID).
Exist(&List{}) Exist(&List{})
if err != nil { if err != nil {
Log.Error("Error occurred during checkListTeamRight for List: %s", err) log.Log.Error("Error occurred during checkListTeamRight for List: %s", err)
return false return false
} }
@ -103,7 +107,7 @@ func (l *List) checkListUserRight(user *User, r UserRight) bool {
user.ID, r, user.ID, r, user.ID, l.ID). user.ID, r, user.ID, r, user.ID, l.ID).
Exist(&List{}) Exist(&List{})
if err != nil { if err != nil {
Log.Error("Error occurred during checkListUserRight for List: %s", err) log.Log.Error("Error occurred during checkListUserRight for List: %s", err)
return false return false
} }

View file

@ -59,9 +59,9 @@ func GetTasksByListID(listID int64) (tasks []*ListTask, err error) {
} }
for in, task := range tasks { for in, task := range tasks {
for _, user := range users { for _, u := range users {
if task.CreatedByID == user.ID { if task.CreatedByID == u.ID {
tasks[in].CreatedBy = user tasks[in].CreatedBy = u
break break
} }
} }
@ -88,11 +88,11 @@ func GetListTaskByID(listTaskID int64) (listTask ListTask, err error) {
return ListTask{}, ErrListTaskDoesNotExist{listTaskID} return ListTask{}, ErrListTaskDoesNotExist{listTaskID}
} }
user, err := GetUserByID(listTask.CreatedByID) u, err := GetUserByID(listTask.CreatedByID)
if err != nil { if err != nil {
return return
} }
listTask.CreatedBy = user listTask.CreatedBy = u
return return
} }

View file

@ -19,13 +19,13 @@ func (i *ListTask) Create(doer *User) (err error) {
return return
} }
user, err := GetUserByID(doer.ID) u, err := GetUserByID(doer.ID)
if err != nil { if err != nil {
return err return err
} }
i.CreatedByID = user.ID i.CreatedByID = u.ID
i.CreatedBy = user i.CreatedBy = u
_, err = x.Cols("text", "description", "done", "due_date_unix", "reminder_unix", "created_by_id", "list_id", "created", "updated").Insert(i) _, err = x.Cols("text", "description", "done", "due_date_unix", "reminder_unix", "created_by_id", "list_id", "created", "updated").Insert(i)
return err return err
} }
@ -39,8 +39,8 @@ func (i *ListTask) Update() (err error) {
} }
// For whatever reason, xorm dont detect if done is updated, so we need to update this every time by hand // For whatever reason, xorm dont detect if done is updated, so we need to update this every time by hand
// Which is why we merge the actual task struct with the one we got from the user. // Which is why we merge the actual task struct with the one we got from the
// The user struct ovverrides values in the actual one. // The user struct overrides values in the actual one.
if err := mergo.Merge(&ot, i, mergo.WithOverride); err != nil { if err := mergo.Merge(&ot, i, mergo.WithOverride); err != nil {
return err return err
} }

View file

@ -1,18 +1,22 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanDelete checks if the user can delete an task // CanDelete checks if the user can delete an task
func (i *ListTask) CanDelete(doer *User) bool { func (i *ListTask) CanDelete(doer *User) bool {
// Get the task // Get the task
lI, err := GetListTaskByID(i.ID) lI, err := GetListTaskByID(i.ID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanDelete for ListTask: %s", err) log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false return false
} }
// A user can delete an task if he has write acces to its list // A user can delete an task if he has write acces to its list
list := &List{ID: lI.ListID} l := &List{ID: lI.ListID}
list.ReadOne() l.ReadOne()
return list.CanWrite(doer) return l.CanWrite(doer)
} }
// CanUpdate determines if a user has the right to update a list task // CanUpdate determines if a user has the right to update a list task
@ -20,20 +24,20 @@ func (i *ListTask) CanUpdate(doer *User) bool {
// Get the task // Get the task
lI, err := GetListTaskByID(i.ID) lI, err := GetListTaskByID(i.ID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanDelete for ListTask: %s", err) log.Log.Error("Error occurred during CanDelete for ListTask: %s", err)
return false return false
} }
// A user can update an task if he has write acces to its list // A user can update an task if he has write acces to its list
list := &List{ID: lI.ListID} l := &List{ID: lI.ListID}
list.ReadOne() l.ReadOne()
return list.CanWrite(doer) return l.CanWrite(doer)
} }
// CanCreate determines if a user has the right to create a list task // CanCreate determines if a user has the right to create a list task
func (i *ListTask) CanCreate(doer *User) bool { func (i *ListTask) CanCreate(doer *User) bool {
// A user can create an task if he has write acces to its list // A user can create an task if he has write acces to its list
list := &List{ID: i.ListID} l := &List{ID: i.ListID}
list.ReadOne() l.ReadOne()
return list.CanWrite(doer) return l.CanWrite(doer)
} }

View file

@ -1,7 +1,7 @@
package models package models
// Create creates a new list <-> user relation // Create creates a new list <-> user relation
func (ul *ListUser) Create(user *User) (err error) { func (ul *ListUser) Create(u *User) (err error) {
// Check if the right is valid // Check if the right is valid
if err := ul.Right.isValid(); err != nil { if err := ul.Right.isValid(); err != nil {

View file

@ -1,13 +1,13 @@
package models package models
// ReadAll gets all users who have access to a list // ReadAll gets all users who have access to a list
func (ul *ListUser) ReadAll(user *User) (interface{}, error) { func (ul *ListUser) ReadAll(u *User) (interface{}, error) {
// Check if the user has access to the list // Check if the user has access to the list
l := &List{ID: ul.ListID} l := &List{ID: ul.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
return nil, err return nil, err
} }
if !l.CanRead(user) { if !l.CanRead(u) {
return nil, ErrNeedToHaveListReadAccess{} return nil, ErrNeedToHaveListReadAccess{}
} }

View file

@ -1,37 +1,15 @@
package models package models
// UserRight defines the rights users can have for lists/namespaces import (
type UserRight int "code.vikunja.io/api/pkg/log"
// define unknown user right
const (
UserRightUnknown = -1
) )
// Enumerate all the user rights
const (
// Can read lists in a User
UserRightRead UserRight = iota
// Can write tasks in a User like lists and todo tasks. Cannot create new lists.
UserRightWrite
// Can manage a list/namespace, can do everything
UserRightAdmin
)
func (r UserRight) isValid() error {
if r != UserRightAdmin && r != UserRightRead && r != UserRightWrite {
return ErrInvalidUserRight{r}
}
return nil
}
// CanCreate checks if the user can create a new user <-> list relation // CanCreate checks if the user can create a new user <-> list relation
func (lu *ListUser) CanCreate(doer *User) bool { func (lu *ListUser) CanCreate(doer *User) bool {
// Get the list and check if the user has write access on it // Get the list and check if the user has write access on it
l := List{ID: lu.ListID} l := List{ID: lu.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanCreate for ListUser: %s", err) log.Log.Error("Error occurred during CanCreate for ListUser: %s", err)
return false return false
} }
return l.CanWrite(doer) return l.CanWrite(doer)
@ -42,7 +20,7 @@ func (lu *ListUser) CanDelete(doer *User) bool {
// Get the list and check if the user has write access on it // Get the list and check if the user has write access on it
l := List{ID: lu.ListID} l := List{ID: lu.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanDelete for ListUser: %s", err) log.Log.Error("Error occurred during CanDelete for ListUser: %s", err)
return false return false
} }
return l.CanWrite(doer) return l.CanWrite(doer)
@ -53,7 +31,7 @@ func (lu *ListUser) CanUpdate(doer *User) bool {
// Get the list and check if the user has write access on it // Get the list and check if the user has write access on it
l := List{ID: lu.ListID} l := List{ID: lu.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanUpdate for ListUser: %s", err) log.Log.Error("Error occurred during CanUpdate for ListUser: %s", err)
return false return false
} }
return l.CanWrite(doer) return l.CanWrite(doer)

View file

@ -109,7 +109,7 @@ func (n *Namespace) ReadAll(doer *User) (interface{}, error) {
} }
// More details for the lists // More details for the lists
addListDetails(lists) AddListDetails(lists)
// Put objects in our namespace list // Put objects in our namespace list
for i, n := range all { for i, n := range all {

View file

@ -21,8 +21,8 @@ func (n *Namespace) Delete() (err error) {
// We need to do that for here because we need the list ids to delete two times: // We need to do that for here because we need the list ids to delete two times:
// 1) to delete the lists itself // 1) to delete the lists itself
// 2) to delete the list tasks // 2) to delete the list tasks
for _, list := range lists { for _, l := range lists {
listIDs = append(listIDs, list.ID) listIDs = append(listIDs, l.ID)
} }
// Delete tasks // Delete tasks

View file

@ -1,106 +1,110 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// IsAdmin returns true or false if the user is admin on that namespace or not // IsAdmin returns true or false if the user is admin on that namespace or not
func (n *Namespace) IsAdmin(user *User) bool { func (n *Namespace) IsAdmin(u *User) bool {
// Owners always have admin rights // Owners always have admin rights
if user.ID == n.Owner.ID { if u.ID == n.Owner.ID {
return true return true
} }
// Check user rights // Check user rights
if n.checkUserRights(user, UserRightAdmin) { if n.checkUserRights(u, UserRightAdmin) {
return true return true
} }
// Check if that user is in a team which has admin rights to that namespace // Check if that user is in a team which has admin rights to that namespace
return n.checkTeamRights(user, TeamRightAdmin) return n.checkTeamRights(u, TeamRightAdmin)
} }
// CanWrite checks if a user has write access to a namespace // CanWrite checks if a user has write access to a namespace
func (n *Namespace) CanWrite(user *User) bool { func (n *Namespace) CanWrite(u *User) bool {
// Admins always have write access // Admins always have write access
if n.IsAdmin(user) { if n.IsAdmin(u) {
return true return true
} }
// Check user rights // Check user rights
if n.checkUserRights(user, UserRightWrite) { if n.checkUserRights(u, UserRightWrite) {
return true return true
} }
// Check if that user is in a team which has write rights to that namespace // Check if that user is in a team which has write rights to that namespace
return n.checkTeamRights(user, TeamRightWrite) return n.checkTeamRights(u, TeamRightWrite)
} }
// CanRead checks if a user has read access to that namespace // CanRead checks if a user has read access to that namespace
func (n *Namespace) CanRead(user *User) bool { func (n *Namespace) CanRead(u *User) bool {
// Admins always have read access // Admins always have read access
if n.IsAdmin(user) { if n.IsAdmin(u) {
return true return true
} }
// Check user rights // Check user rights
if n.checkUserRights(user, UserRightRead) { if n.checkUserRights(u, UserRightRead) {
return true return true
} }
// Check if the user is in a team which has access to the namespace // Check if the user is in a team which has access to the namespace
return n.checkTeamRights(user, TeamRightRead) return n.checkTeamRights(u, TeamRightRead)
} }
// CanUpdate checks if the user can update the namespace // CanUpdate checks if the user can update the namespace
func (n *Namespace) CanUpdate(user *User) bool { func (n *Namespace) CanUpdate(u *User) bool {
nn, err := GetNamespaceByID(n.ID) nn, err := GetNamespaceByID(n.ID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanUpdate for Namespace: %s", err) log.Log.Error("Error occurred during CanUpdate for Namespace: %s", err)
return false return false
} }
return nn.IsAdmin(user) return nn.IsAdmin(u)
} }
// CanDelete checks if the user can delete a namespace // CanDelete checks if the user can delete a namespace
func (n *Namespace) CanDelete(user *User) bool { func (n *Namespace) CanDelete(u *User) bool {
nn, err := GetNamespaceByID(n.ID) nn, err := GetNamespaceByID(n.ID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanDelete for Namespace: %s", err) log.Log.Error("Error occurred during CanDelete for Namespace: %s", err)
return false return false
} }
return nn.IsAdmin(user) return nn.IsAdmin(u)
} }
// CanCreate checks if the user can create a new namespace // CanCreate checks if the user can create a new namespace
func (n *Namespace) CanCreate(user *User) bool { func (n *Namespace) CanCreate(u *User) bool {
// This is currently a dummy function, later on we could imagine global limits etc. // This is currently a dummy function, later on we could imagine global limits etc.
return true return true
} }
func (n *Namespace) checkTeamRights(user *User, r TeamRight) bool { func (n *Namespace) checkTeamRights(u *User, r TeamRight) bool {
exists, err := x.Select("namespaces.*"). exists, err := x.Select("namespaces.*").
Table("namespaces"). Table("namespaces").
Join("LEFT", "team_namespaces", "namespaces.id = team_namespaces.namespace_id"). Join("LEFT", "team_namespaces", "namespaces.id = team_namespaces.namespace_id").
Join("LEFT", "team_members", "team_members.team_id = team_namespaces.team_id"). Join("LEFT", "team_members", "team_members.team_id = team_namespaces.team_id").
Where("namespaces.id = ? "+ Where("namespaces.id = ? "+
"AND (team_members.user_id = ? AND team_namespaces.right = ?) "+ "AND (team_members.user_id = ? AND team_namespaces.right = ?) "+
"OR namespaces.owner_id = ? ", n.ID, user.ID, r, user.ID). "OR namespaces.owner_id = ? ", n.ID, u.ID, r, u.ID).
Get(&Namespace{}) Get(&Namespace{})
if err != nil { if err != nil {
Log.Error("Error occurred during checkTeamRights for Namespace: %s, TeamRight: %d", err, r) log.Log.Error("Error occurred during checkTeamRights for Namespace: %s, TeamRight: %d", err, r)
return false return false
} }
return exists return exists
} }
func (n *Namespace) checkUserRights(user *User, r UserRight) bool { func (n *Namespace) checkUserRights(u *User, r UserRight) bool {
exists, err := x.Select("namespaces.*"). exists, err := x.Select("namespaces.*").
Table("namespaces"). Table("namespaces").
Join("LEFT", "users_namespace", "users_namespace.namespace_id = namespaces.id"). Join("LEFT", "users_namespace", "users_namespace.namespace_id = namespaces.id").
Where("namespaces.id = ? AND ("+ Where("namespaces.id = ? AND ("+
"namespaces.owner_id = ? "+ "namespaces.owner_id = ? "+
"OR (users_namespace.user_id = ? AND users_namespace.right = ?))", n.ID, user.ID, user.ID, r). "OR (users_namespace.user_id = ? AND users_namespace.right = ?))", n.ID, u.ID, u.ID, r).
Get(&Namespace{}) Get(&Namespace{})
if err != nil { if err != nil {
Log.Error("Error occurred during checkUserRights for Namespace: %s, UserRight: %d", err, r) log.Log.Error("Error occurred during checkUserRights for Namespace: %s, UserRight: %d", err, r)
return false return false
} }

View file

@ -1,7 +1,7 @@
package models package models
// Create creates a new namespace <-> user relation // Create creates a new namespace <-> user relation
func (un *NamespaceUser) Create(user *User) (err error) { func (un *NamespaceUser) Create(u *User) (err error) {
// Reset the id // Reset the id
un.ID = 0 un.ID = 0

View file

@ -1,13 +1,13 @@
package models package models
// ReadAll gets all users who have access to a namespace // ReadAll gets all users who have access to a namespace
func (un *NamespaceUser) ReadAll(user *User) (interface{}, error) { func (un *NamespaceUser) ReadAll(u *User) (interface{}, error) {
// Check if the user has access to the namespace // Check if the user has access to the namespace
l, err := GetNamespaceByID(un.NamespaceID) l, err := GetNamespaceByID(un.NamespaceID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if !l.CanRead(user) { if !l.CanRead(u) {
return nil, ErrNeedToHaveNamespaceReadAccess{} return nil, ErrNeedToHaveNamespaceReadAccess{}
} }

View file

@ -1,11 +1,15 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanCreate checks if the user can create a new user <-> namespace relation // CanCreate checks if the user can create a new user <-> namespace relation
func (nu *NamespaceUser) CanCreate(doer *User) bool { func (nu *NamespaceUser) CanCreate(doer *User) bool {
// Get the namespace and check if the user has write access on it // Get the namespace and check if the user has write access on it
n, err := GetNamespaceByID(nu.NamespaceID) n, err := GetNamespaceByID(nu.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanCreate for NamespaceUser: %s", err) log.Log.Error("Error occurred during CanCreate for NamespaceUser: %s", err)
return false return false
} }
return n.CanWrite(doer) return n.CanWrite(doer)
@ -16,7 +20,7 @@ func (nu *NamespaceUser) CanDelete(doer *User) bool {
// Get the namespace and check if the user has write access on it // Get the namespace and check if the user has write access on it
n, err := GetNamespaceByID(nu.NamespaceID) n, err := GetNamespaceByID(nu.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanCreate for NamespaceUser: %s", err) log.Log.Error("Error occurred during CanDelete for NamespaceUser: %s", err)
return false return false
} }
return n.CanWrite(doer) return n.CanWrite(doer)
@ -27,7 +31,7 @@ func (nu *NamespaceUser) CanUpdate(doer *User) bool {
// Get the namespace and check if the user has write access on it // Get the namespace and check if the user has write access on it
n, err := GetNamespaceByID(nu.NamespaceID) n, err := GetNamespaceByID(nu.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanCreate for NamespaceUser: %s", err) log.Log.Error("Error occurred during CanUpdate for NamespaceUser: %s", err)
return false return false
} }
return n.CanWrite(doer) return n.CanWrite(doer)

View file

@ -1,14 +1,14 @@
package models package models
// ReadAll implements the method to read all teams of a list // ReadAll implements the method to read all teams of a list
func (tl *TeamList) ReadAll(user *User) (interface{}, error) { func (tl *TeamList) ReadAll(u *User) (interface{}, error) {
// Check if the user can read the namespace // Check if the user can read the namespace
l := &List{ID: tl.ListID} l := &List{ID: tl.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
return nil, err return nil, err
} }
if !l.CanRead(user) { if !l.CanRead(u) {
return nil, ErrNeedToHaveListReadAccess{ListID: tl.ListID, UserID: user.ID} return nil, ErrNeedToHaveListReadAccess{ListID: tl.ListID, UserID: u.ID}
} }
// Get the teams // Get the teams

View file

@ -1,20 +1,24 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanCreate checks if the user can create a team <-> list relation // CanCreate checks if the user can create a team <-> list relation
func (tl *TeamList) CanCreate(user *User) bool { func (tl *TeamList) CanCreate(u *User) bool {
l := List{ID: tl.ListID} l := List{ID: tl.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanCreate for TeamList: %s", err) log.Log.Error("Error occurred during CanCreate for TeamList: %s", err)
return false return false
} }
return l.IsAdmin(user) return l.IsAdmin(u)
} }
// CanDelete checks if the user can delete a team <-> list relation // CanDelete checks if the user can delete a team <-> list relation
func (tl *TeamList) CanDelete(user *User) bool { func (tl *TeamList) CanDelete(user *User) bool {
l := List{ID: tl.ListID} l := List{ID: tl.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanDelete for TeamList: %s", err) log.Log.Error("Error occurred during CanDelete for TeamList: %s", err)
return false return false
} }
return l.IsAdmin(user) return l.IsAdmin(user)
@ -24,7 +28,7 @@ func (tl *TeamList) CanDelete(user *User) bool {
func (tl *TeamList) CanUpdate(user *User) bool { func (tl *TeamList) CanUpdate(user *User) bool {
l := List{ID: tl.ListID} l := List{ID: tl.ListID}
if err := l.GetSimpleByID(); err != nil { if err := l.GetSimpleByID(); err != nil {
Log.Error("Error occurred during CanUpdate for TeamList: %s", err) log.Log.Error("Error occurred during CanUpdate for TeamList: %s", err)
return false return false
} }
return l.IsAdmin(user) return l.IsAdmin(user)

View file

@ -15,67 +15,67 @@ func TestTeamList(t *testing.T) {
} }
// Dummyuser // Dummyuser
user, err := GetUserByID(1) u, err := GetUserByID(1)
assert.NoError(t, err) assert.NoError(t, err)
// Check normal creation // Check normal creation
assert.True(t, tl.CanCreate(&user)) assert.True(t, tl.CanCreate(&u))
err = tl.Create(&user) err = tl.Create(&u)
assert.NoError(t, err) assert.NoError(t, err)
// Check again // Check again
err = tl.Create(&user) err = tl.Create(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrTeamAlreadyHasAccess(err)) assert.True(t, IsErrTeamAlreadyHasAccess(err))
// Check with wrong rights // Check with wrong rights
tl2 := tl tl2 := tl
tl2.Right = TeamRightUnknown tl2.Right = TeamRightUnknown
err = tl2.Create(&user) err = tl2.Create(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrInvalidTeamRight(err)) assert.True(t, IsErrInvalidTeamRight(err))
// Check with inexistant team // Check with inexistant team
tl3 := tl tl3 := tl
tl3.TeamID = 3253 tl3.TeamID = 3253
err = tl3.Create(&user) err = tl3.Create(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrTeamDoesNotExist(err)) assert.True(t, IsErrTeamDoesNotExist(err))
// Check with inexistant list // Check with inexistant list
tl4 := tl tl4 := tl
tl4.ListID = 3252 tl4.ListID = 3252
err = tl4.Create(&user) err = tl4.Create(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrListDoesNotExist(err)) assert.True(t, IsErrListDoesNotExist(err))
// Test Read all // Test Read all
teams, err := tl.ReadAll(&user) teams, err := tl.ReadAll(&u)
assert.NoError(t, err) assert.NoError(t, err)
assert.Equal(t, reflect.TypeOf(teams).Kind(), reflect.Slice) assert.Equal(t, reflect.TypeOf(teams).Kind(), reflect.Slice)
s := reflect.ValueOf(teams) s := reflect.ValueOf(teams)
assert.Equal(t, s.Len(), 1) assert.Equal(t, s.Len(), 1)
// Test Read all for nonexistant list // Test Read all for nonexistant list
_, err = tl4.ReadAll(&user) _, err = tl4.ReadAll(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrListDoesNotExist(err)) assert.True(t, IsErrListDoesNotExist(err))
// Test Read all for a list where the user is owner of the namespace this list belongs to // Test Read all for a list where the user is owner of the namespace this list belongs to
tl5 := tl tl5 := tl
tl5.ListID = 2 tl5.ListID = 2
_, err = tl5.ReadAll(&user) _, err = tl5.ReadAll(&u)
assert.NoError(t, err) assert.NoError(t, err)
// Test read all for a list where the user not has access // Test read all for a list where the user not has access
tl6 := tl tl6 := tl
tl6.ListID = 3 tl6.ListID = 3
_, err = tl6.ReadAll(&user) _, err = tl6.ReadAll(&u)
assert.Error(t, err) assert.Error(t, err)
assert.True(t, IsErrNeedToHaveListReadAccess(err)) assert.True(t, IsErrNeedToHaveListReadAccess(err))
// Delete // Delete
assert.True(t, tl.CanDelete(&user)) assert.True(t, tl.CanDelete(&u))
err = tl.Delete() err = tl.Delete()
assert.NoError(t, err) assert.NoError(t, err)

View file

@ -1,22 +1,26 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanCreate checks if the user can add a new tem member // CanCreate checks if the user can add a new tem member
func (tm *TeamMember) CanCreate(user *User) bool { func (tm *TeamMember) CanCreate(u *User) bool {
return tm.IsAdmin(user) return tm.IsAdmin(u)
} }
// CanDelete checks if the user can delete a new team member // CanDelete checks if the user can delete a new team member
func (tm *TeamMember) CanDelete(user *User) bool { func (tm *TeamMember) CanDelete(u *User) bool {
return tm.IsAdmin(user) return tm.IsAdmin(u)
} }
// IsAdmin checks if the user is team admin // IsAdmin checks if the user is team admin
func (tm *TeamMember) IsAdmin(user *User) bool { func (tm *TeamMember) IsAdmin(u *User) bool {
// A user can add a member to a team if he is admin of that team // A user can add a member to a team if he is admin of that team
exists, err := x.Where("user_id = ? AND team_id = ? AND admin = ?", user.ID, tm.TeamID, true). exists, err := x.Where("user_id = ? AND team_id = ? AND admin = ?", u.ID, tm.TeamID, true).
Get(&TeamMember{}) Get(&TeamMember{})
if err != nil { if err != nil {
Log.Error("Error occurred during IsAdmin for TeamMember: %s", err) log.Log.Error("Error occurred during IsAdmin for TeamMember: %s", err)
return false return false
} }
return exists return exists

View file

@ -1,10 +1,14 @@
package models package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanCreate checks if one can create a new team <-> namespace relation // CanCreate checks if one can create a new team <-> namespace relation
func (tn *TeamNamespace) CanCreate(user *User) bool { func (tn *TeamNamespace) CanCreate(user *User) bool {
n, err := GetNamespaceByID(tn.NamespaceID) n, err := GetNamespaceByID(tn.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanCreate for TeamNamespace: %s", err) log.Log.Error("Error occurred during CanCreate for TeamNamespace: %s", err)
return false return false
} }
return n.IsAdmin(user) return n.IsAdmin(user)
@ -14,17 +18,17 @@ func (tn *TeamNamespace) CanCreate(user *User) bool {
func (tn *TeamNamespace) CanDelete(user *User) bool { func (tn *TeamNamespace) CanDelete(user *User) bool {
n, err := GetNamespaceByID(tn.NamespaceID) n, err := GetNamespaceByID(tn.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanDelete for TeamNamespace: %s", err) log.Log.Error("Error occurred during CanDelete for TeamNamespace: %s", err)
return false return false
} }
return n.IsAdmin(user) return n.IsAdmin(user)
} }
// CanUpdate checks if a user can update a team from a namespace. Only namespace admins can do that. // CanUpdate checks if a user can update a team from a Only namespace admins can do that.
func (tn *TeamNamespace) CanUpdate(user *User) bool { func (tn *TeamNamespace) CanUpdate(user *User) bool {
n, err := GetNamespaceByID(tn.NamespaceID) n, err := GetNamespaceByID(tn.NamespaceID)
if err != nil { if err != nil {
Log.Error("Error occurred during CanUpdate for TeamNamespace: %s", err) log.Log.Error("Error occurred during CanUpdate for TeamNamespace: %s", err)
return false return false
} }
return n.IsAdmin(user) return n.IsAdmin(user)

27
pkg/models/team_right.go Normal file
View file

@ -0,0 +1,27 @@
package models
// TeamRight defines the rights teams can have for lists/namespaces
type TeamRight int
// define unknown team right
const (
TeamRightUnknown = -1
)
// Enumerate all the team rights
const (
// Can read lists in a Team
TeamRightRead TeamRight = iota
// Can write tasks in a Team like lists and todo tasks. Cannot create new lists.
TeamRightWrite
// Can manage a list/namespace, can do everything
TeamRightAdmin
)
func (r TeamRight) isValid() error {
if r != TeamRightAdmin && r != TeamRightRead && r != TeamRightWrite {
return ErrInvalidTeamRight{r}
}
return nil
}

View file

@ -0,0 +1,58 @@
package models
import (
"code.vikunja.io/api/pkg/log"
)
// CanCreate checks if the user can create a new team
func (t *Team) CanCreate(u *User) bool {
// This is currently a dummy function, later on we could imagine global limits etc.
return true
}
// CanUpdate checks if the user can update a team
func (t *Team) CanUpdate(u *User) bool {
// Check if the current user is in the team and has admin rights in it
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", u.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanDelete checks if a user can delete a team
func (t *Team) CanDelete(u *User) bool {
return t.IsAdmin(u)
}
// IsAdmin returns true when the user is admin of a team
func (t *Team) IsAdmin(u *User) bool {
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", u.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanRead returns true if the user has read access to the team
func (t *Team) CanRead(user *User) bool {
// Check if the user is in the team
exists, err := x.Where("team_id = ?", t.ID).
And("user_id = ?", user.ID).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}

View file

@ -1,7 +1,7 @@
package models package models
import ( import (
"code.vikunja.io/api/models/mail" "code.vikunja.io/api/pkg/mail"
"fmt" "fmt"
"github.com/go-xorm/core" "github.com/go-xorm/core"
"github.com/go-xorm/xorm" "github.com/go-xorm/xorm"

View file

@ -1,8 +1,8 @@
package models package models
import ( import (
"code.vikunja.io/api/models/mail" "code.vikunja.io/api/pkg/mail"
"code.vikunja.io/api/models/utils" "code.vikunja.io/api/pkg/utils"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )

View file

@ -1,8 +1,8 @@
package models package models
import ( import (
"code.vikunja.io/api/models/mail" "code.vikunja.io/api/pkg/mail"
"code.vikunja.io/api/models/utils" "code.vikunja.io/api/pkg/utils"
) )
// PasswordReset holds the data to reset a password // PasswordReset holds the data to reset a password

27
pkg/models/user_right.go Normal file
View file

@ -0,0 +1,27 @@
package models
// UserRight defines the rights users can have for lists/namespaces
type UserRight int
// define unknown user right
const (
UserRightUnknown = -1
)
// Enumerate all the user rights
const (
// Can read lists in a User
UserRightRead UserRight = iota
// Can write tasks in a User like lists and todo tasks. Cannot create new lists.
UserRightWrite
// Can manage a list/namespace, can do everything
UserRightAdmin
)
func (r UserRight) isValid() error {
if r != UserRightAdmin && r != UserRightRead && r != UserRightWrite {
return ErrInvalidUserRight{r}
}
return nil
}

View file

@ -1,7 +1,7 @@
package models package models
import ( import (
"code.vikunja.io/api/models/utils" "code.vikunja.io/api/pkg/utils"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"testing" "testing"
) )

View file

@ -1,7 +1,7 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
"strconv" "strconv"

View file

@ -1,7 +1,7 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"crypto/md5" "crypto/md5"
"encoding/hex" "encoding/hex"
"github.com/dgrijalva/jwt-go" "github.com/dgrijalva/jwt-go"

View file

@ -1,6 +1,8 @@
package swagger package swagger
import "code.vikunja.io/api/models" import (
"code.vikunja.io/api/pkg/models"
)
// not actually a response, just a hack to get go-swagger to include definitions // not actually a response, just a hack to get go-swagger to include definitions
// of the various XYZOption structs // of the various XYZOption structs

View file

@ -1,6 +1,8 @@
package swagger package swagger
import "code.vikunja.io/api/models" import (
"code.vikunja.io/api/pkg/models"
)
// Message // Message
// swagger:response Message // swagger:response Message

View file

@ -1,7 +1,7 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"fmt" "fmt"
"github.com/dgrijalva/jwt-go" "github.com/dgrijalva/jwt-go"
"github.com/labstack/echo" "github.com/labstack/echo"

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
"strconv" "strconv"

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
"strconv" "strconv"

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

View file

@ -1,8 +1,8 @@
package v1 package v1
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/api/routes/crud" "code.vikunja.io/api/pkg/routes/crud"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

View file

@ -1,7 +1,8 @@
package crud package crud
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/log"
"code.vikunja.io/api/pkg/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )
@ -24,7 +25,7 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
// Check rights // Check rights
if !currentStruct.CanCreate(&currentUser) { if !currentStruct.CanCreate(&currentUser) {
models.Log.Noticef("%s [ID: %d] tried to create while not having the rights for it", currentUser.Username, currentUser.ID) log.Log.Noticef("%s [ID: %d] tried to create while not having the rights for it", currentUser.Username, currentUser.ID)
return echo.NewHTTPError(http.StatusForbidden) return echo.NewHTTPError(http.StatusForbidden)
} }

View file

@ -1,7 +1,8 @@
package crud package crud
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/log"
"code.vikunja.io/api/pkg/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )
@ -18,12 +19,12 @@ func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
} }
// Check if the user has the right to delete // Check if the user has the right to delete
user, err := models.GetCurrentUser(ctx) currentUser, err := models.GetCurrentUser(ctx)
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError) return echo.NewHTTPError(http.StatusInternalServerError)
} }
if !currentStruct.CanDelete(&user) { if !currentStruct.CanDelete(&currentUser) {
models.Log.Noticef("%s [ID: %d] tried to delete while not having the rights for it", user.Username, user.ID) log.Log.Noticef("%s [ID: %d] tried to delete while not having the rights for it", currentUser.Username, currentUser.ID)
return echo.NewHTTPError(http.StatusForbidden) return echo.NewHTTPError(http.StatusForbidden)
} }

View file

@ -1,7 +1,8 @@
package crud package crud
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/log"
"code.vikunja.io/api/pkg/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )
@ -24,6 +25,6 @@ func HandleHTTPError(err error) *echo.HTTPError {
errDetails := a.HTTPError() errDetails := a.HTTPError()
return echo.NewHTTPError(errDetails.HTTPCode, errDetails) return echo.NewHTTPError(errDetails.HTTPCode, errDetails)
} }
models.Log.Error(err.Error()) log.Log.Error(err.Error())
return echo.NewHTTPError(http.StatusInternalServerError) return echo.NewHTTPError(http.StatusInternalServerError)
} }

View file

@ -1,7 +1,7 @@
package crud package crud
import ( import (
"code.vikunja.io/api/models" "code.vikunja.io/api/pkg/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
) )

Some files were not shown because too many files have changed in this diff Show more