local-it/vikunja-api
0
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Implemented method to add a list to a namespace

Browse source
This commit is contained in:
kolaente 2018-07-05 08:52:05 +02:00
parent 93efaa95f8
commit 462dfc8868
No known key found for this signature in database
GPG key ID: F40E70337AB24C9B
7 changed files with 163 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Featurecreep.md
View file

@ -118,7 +118,7 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten.
* [x] Erstellen * [x] Erstellen
* [x] Ansehen * [x] Ansehen
* [x] Bearbeiten * [x] Bearbeiten
* [ ] Löschen * [x] Löschen
* [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat. * [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat.
* [x] Alle Listen eines Namespaces anzeigen * [x] Alle Listen eines Namespaces anzeigen
* [ ] Listen * [ ] Listen

20
models/error.go
View file

@ -255,7 +255,7 @@ func IsErrUserDoesNotHaveAccessToNamespace(err error) bool {
} }
func (err ErrUserDoesNotHaveAccessToNamespace) Error() string { func (err ErrUserDoesNotHaveAccessToNamespace) Error() string {
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID) return fmt.Sprintf("You need to have access to this namespace to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
} }
// ErrUserNeedsToBeNamespaceAdmin represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace) // ErrUserNeedsToBeNamespaceAdmin represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace)
@ -271,5 +271,21 @@ func IsErrUserNeedsToBeNamespaceAdmin(err error) bool {
} }
func (err ErrUserNeedsToBeNamespaceAdmin) Error() string { func (err ErrUserNeedsToBeNamespaceAdmin) Error() string {
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID) return fmt.Sprintf("You need to be namespace admin to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
}
// ErrUserDoesNotHaveWriteAccessToNamespace represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace)
type ErrUserDoesNotHaveWriteAccessToNamespace struct {
NamespaceID int64
UserID int64
}
// IsErrUserDoesNotHaveWriteAccessToNamespace checks if an error is a ErrNamespaceDoesNotExist.
func IsErrUserDoesNotHaveWriteAccessToNamespace(err error) bool {
_, ok := err.(ErrUserDoesNotHaveWriteAccessToNamespace)
return ok
}
func (err ErrUserDoesNotHaveWriteAccessToNamespace) Error() string {
return fmt.Sprintf("You need to have write access to this namespace to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
} }

16
models/helper.go Normal file
View file

@ -0,0 +1,16 @@
package models
import (
"github.com/labstack/echo"
"strconv"
)
func GetIntURLParam(param string, c echo.Context) (intParam int64, err error) {
id := c.Param(param)
if id != "" {
intParam, err = strconv.ParseInt(id, 10, 64)
}
return intParam, err
}

12
models/namespaces.go
View file

@ -58,6 +58,18 @@ func (user *User) HasNamespaceAccess(namespace *Namespace) (err error) {
return ErrUserDoesNotHaveAccessToNamespace{UserID: user.ID, NamespaceID: namespace.ID} return ErrUserDoesNotHaveAccessToNamespace{UserID: user.ID, NamespaceID: namespace.ID}
} }
func (user *User) HasNamespaceWriteAccess(namespace *Namespace) (err error) {
// Owners always have access
if user.ID == namespace.Owner.ID {
return nil
}
// Check if the user is in a team which has write access to the namespace
return ErrUserDoesNotHaveAccessToNamespace{UserID: user.ID, NamespaceID: namespace.ID}
}
func GetNamespaceByID(id int64) (namespace Namespace, err error) { func GetNamespaceByID(id int64) (namespace Namespace, err error) {
namespace.ID = id namespace.ID = id
exists, err := x.Get(&namespace) exists, err := x.Get(&namespace)

80
public/swagger/swagger.v1.json
View file

@ -122,42 +122,6 @@
"$ref": "#/responses/Message" "$ref": "#/responses/Message"
} }
} }
},
"put": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"lists"
],
"summary": "Creates a new list owned by the currently logged in user",
"operationId": "addList",
"parameters": [
{
"name": "body",
"in": "body",
"schema": {
"$ref": "#/definitions/List"
}
}
],
"responses": {
"200": {
"$ref": "#/responses/List"
},
"400": {
"$ref": "#/responses/Message"
},
"403": {
"$ref": "#/responses/Message"
},
"500": {
"$ref": "#/responses/Message"
}
}
} }
}, },
"/lists/{listID}": { "/lists/{listID}": {
@ -561,6 +525,50 @@
"$ref": "#/responses/Message" "$ref": "#/responses/Message"
} }
} }
},
"put": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"lists"
],
"summary": "Creates a new list owned by the currently logged in user in that namespace",
"operationId": "addList",
"parameters": [
{
"type": "string",
"description": "ID of the namespace that list should belong to",
"name": "namespaceID",
"in": "path",
"required": true
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/List"
}
}
],
"responses": {
"200": {
"$ref": "#/responses/List"
},
"400": {
"$ref": "#/responses/Message"
},
"403": {
"$ref": "#/responses/Message"
},
"500": {
"$ref": "#/responses/Message"
}
}
} }
}, },
"/register": { "/register": {

107
routes/api/v1/lists_add_update.go
View file

@ -4,20 +4,25 @@ import (
"git.kolaente.de/konrad/list/models" "git.kolaente.de/konrad/list/models"
"github.com/labstack/echo" "github.com/labstack/echo"
"net/http" "net/http"
"strconv"
) )
func AddList(c echo.Context) error { func AddList(c echo.Context) error {
// swagger:operation PUT /lists lists addList // swagger:operation PUT /namespaces/{namespaceID}/lists lists addList
// --- // ---
// summary: Creates a new list owned by the currently logged in user // summary: Creates a new list owned by the currently logged in user in that namespace
// consumes: // consumes:
// - application/json // - application/json
// produces: // produces:
// - application/json // - application/json
// parameters: // parameters:
// - name: namespaceID
// in: path
// description: ID of the namespace that list should belong to
// type: string
// required: true
// - name: body // - name: body
// in: body // in: body
// required: true
// schema: // schema:
// "$ref": "#/definitions/List" // "$ref": "#/definitions/List"
// responses: // responses:
@ -30,7 +35,55 @@ func AddList(c echo.Context) error {
// "500": // "500":
// "$ref": "#/responses/Message" // "$ref": "#/responses/Message"
return addOrUpdateList(c) // Get the list
var list *models.List
if err := c.Bind(&list); err != nil {
return c.JSON(http.StatusBadRequest, models.Message{"No list model provided."})
}
// Get the namespace ID
var err error
list.NamespaceID, err = models.GetIntURLParam("nID", c)
if err != nil {
return c.JSON(http.StatusBadRequest, models.Message{"Invalid namespace ID."})
}
// Get the current user for later checks
user, err := models.GetCurrentUser(c)
if err != nil {
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
}
list.Owner = user
// Get the namespace
namespace, err := models.GetNamespaceByID(list.NamespaceID)
if err != nil {
if models.IsErrNamespaceDoesNotExist(err) {
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
}
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
}
// Check if the user has write acces to that namespace
err = user.HasNamespaceWriteAccess(&namespace)
if err != nil {
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
}
if models.IsErrUserDoesNotHaveWriteAccessToNamespace(err) {
return c.JSON(http.StatusForbidden, models.Message{"You don't have write access to this namespace."})
}
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
}
// Create the new list
err = models.CreateOrUpdateList(list)
if err != nil {
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
}
return c.JSON(http.StatusOK, list)
} }
func UpdateList(c echo.Context) error { func UpdateList(c echo.Context) error {
@ -61,12 +114,6 @@ func UpdateList(c echo.Context) error {
// "500": // "500":
// "$ref": "#/responses/Message" // "$ref": "#/responses/Message"
return addOrUpdateList(c)
}
// AddOrUpdateList Adds or updates a new list
func addOrUpdateList(c echo.Context) error {
// Get the list // Get the list
var list *models.List var list *models.List
@ -74,22 +121,16 @@ func addOrUpdateList(c echo.Context) error {
return c.JSON(http.StatusBadRequest, models.Message{"No list model provided."}) return c.JSON(http.StatusBadRequest, models.Message{"No list model provided."})
} }
// Check if we have an ID other than the one in the struct // Get the list ID
id := c.Param("id") var err error
if id != "" { list.ID, err = models.GetIntURLParam("id", c)
// Make int if err != nil {
listID, err := strconv.ParseInt(id, 10, 64) return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
if err != nil {
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
}
list.ID = listID
} }
// Check if the list exists // Check if the list exists
// ID = 0 means new list, no error // ID = 0 means new list, no error
var oldList models.List var oldList models.List
var err error
if list.ID != 0 { if list.ID != 0 {
oldList, err = models.GetListByID(list.ID) oldList, err = models.GetListByID(list.ID)
if err != nil { if err != nil {
@ -107,22 +148,16 @@ func addOrUpdateList(c echo.Context) error {
} }
list.Owner = user list.Owner = user
// update or create... // Check if the user owns the list
if list.ID == 0 { // TODO use list function for that
err = models.CreateOrUpdateList(list) if user.ID != oldList.Owner.ID {
if err != nil { return c.JSON(http.StatusForbidden, models.Message{"You cannot edit a list you don't own."})
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) }
}
} else {
// Check if the user owns the list
if user.ID != oldList.Owner.ID {
return c.JSON(http.StatusForbidden, models.Message{"You cannot edit a list you don't own."})
}
err = models.CreateOrUpdateList(list) // Update the list
if err != nil { err = models.CreateOrUpdateList(list)
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."}) if err != nil {
} return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
} }
return c.JSON(http.StatusOK, list) return c.JSON(http.StatusOK, list)

3
routes/routes.go
View file

@ -84,7 +84,6 @@ func RegisterRoutes(e *echo.Echo) {
a.POST("/tokenTest", apiv1.CheckToken) a.POST("/tokenTest", apiv1.CheckToken)
a.GET("/lists", apiv1.GetListsByUser) a.GET("/lists", apiv1.GetListsByUser)
a.PUT("/lists", apiv1.AddList)
a.GET("/lists/:id", apiv1.GetListByID) a.GET("/lists/:id", apiv1.GetListByID)
a.POST("/lists/:id", apiv1.UpdateList) a.POST("/lists/:id", apiv1.UpdateList)
a.PUT("/lists/:id", apiv1.AddListItem) a.PUT("/lists/:id", apiv1.AddListItem)
@ -99,5 +98,5 @@ func RegisterRoutes(e *echo.Echo) {
a.POST("/namespaces/:id", apiv1.UpdateNamespace) a.POST("/namespaces/:id", apiv1.UpdateNamespace)
a.DELETE("/namespaces/:id", apiv1.DeleteNamespaceByID) a.DELETE("/namespaces/:id", apiv1.DeleteNamespaceByID)
a.GET("/namespaces/:id/lists", apiv1.GetListsByNamespaceID) a.GET("/namespaces/:id/lists", apiv1.GetListsByNamespaceID)
//a.PUT("/namespaces/:id/lists") // Creates a new list in that namespace a.PUT("/namespaces/:id/lists", apiv1.AddList)
} }