Implemented CanCreate method

konrad 2018-07-12 23:16:32 +02:00 committed by kolaente
parent 6fd2a97574
commit ddcc063b0b
No known key found for this signature in database
GPG key ID: F40E70337AB24C9B
6 changed files with 26 additions and 9 deletions


@ -40,15 +40,6 @@ func (l *List) Create(doer *User, id int64) (err error) {
return return
} }
// Get the namespace of the list to check if the user can write to it
namespace, err := GetNamespaceByID(l.NamespaceID)
if err != nil {
return
}
if !namespace.CanWrite(doer) {
return ErrUserDoesNotHaveWriteAccessToNamespace{UserID: user.ID, NamespaceID: namespace.ID}
}
l.Owner.ID = user.ID l.Owner.ID = user.ID
return CreateOrUpdateList(l) return CreateOrUpdateList(l)


@ -16,3 +16,10 @@ func (i *ListItem) CanUpdate(doer *User, id int64) bool {
list, _ := GetListByID(lI.ListID) list, _ := GetListByID(lI.ListID)
return list.CanWrite(doer) return list.CanWrite(doer)
} }
// CanCreate determines if a user has the right to create a list item
func (i *ListItem) CanCreate(doer *User, lID int64) bool {
// A user can create an item if he has write acces to its list
list, _ := GetListByID(lID)
return list.CanWrite(doer)
}
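Review bot: The error from `GetListByID(lID)` is discarded in `ListItem.CanCreate`, so the permission decision is made on whatever value comes back when the list does not exist or the lookup fails. An authorization check should fail closed: `list, err := GetListByID(lID)` followed by `if err != nil { return false }` before calling `list.CanWrite(doer)`. `List.CanCreate` has the same pattern with `n, _ := GetNamespaceByID(nID)`. The inline comment also has a typo ("acces").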


@ -90,3 +90,10 @@ func (l *List) CanUpdate(doer *User, id int64) bool {
list, _ := GetListByID(id) list, _ := GetListByID(id)
return list.CanWrite(doer) return list.CanWrite(doer)
} }
// CanCreate checks if the user can update a list
func (l *List) CanCreate(doer *User, nID int64) bool {
// A user can create a list if he has write access to the namespace
n, _ := GetNamespaceByID(nID)
return n.CanWrite(doer)
}
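Review bot: `List.CanCreate` authorizes against the `nID` argument, while the check this commit removes from `List.Create` used `l.NamespaceID`; if the two can differ, the check may be made on a different namespace than the one the list ends up in. The part of `Create` that would assign the namespace is outside the visible hunk, so this needs confirming; rejecting the request when `l.NamespaceID != nID`, or setting `l.NamespaceID = nID` before the check, would close the gap. The doc comment also says "can update a list" and should read `// CanCreate checks if the user can create a list in the given namespace`.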


@ -87,3 +87,9 @@ func (n *Namespace) CanUpdate(user *User, id int64) bool {
nn, _ := GetNamespaceByID(id) nn, _ := GetNamespaceByID(id)
return nn.IsAdmin(user) return nn.IsAdmin(user)
} }
// CanCreate checks if the user can create a new namespace
func (n *Namespace) CanCreate(user *User, id int64) bool {
// This is currently a dummy function, later on we could imagine global limits etc.
return true
}
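Review bot: `Namespace.CanCreate` allows every caller and ignores both parameters, but its doc comment reads as if a real check takes place. Since `CreateWeb` now relies on this method as the authorization gate, the doc comment should state the policy, e.g. `// CanCreate always returns true for now: every user may create a namespace.`, and the unused parameters can be written as `_ *User, _ int64`.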


@ -7,4 +7,5 @@ type Rights interface {
CanRead(*User) bool CanRead(*User) bool
CanDelete(*User) bool CanDelete(*User) bool
CanUpdate(*User, int64) bool CanUpdate(*User, int64) bool
CanCreate(*User, int64) bool
} }
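Review bot: The new `CanCreate(*User, int64) bool` leaves the meaning of the `int64` undocumented, and the implementations in this commit interpret it differently: a list ID in `ListItem.CanCreate`, a namespace ID in `List.CanCreate`, and unused in `Namespace.CanCreate`. A comment on the method such as `// CanCreate reports whether the user may create the object under the parent with the given ID.` would make the contract explicit for `CreateWeb`, which passes one `id` to all of them. The interface body starts outside the hunk.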


@ -28,6 +28,11 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
} }
} }
// Check rights
if !c.CObject.CanCreate(&currentUser, id) {
return echo.NewHTTPError(http.StatusForbidden)
}
// Create // Create
err = c.CObject.Create(&currentUser, id) err = c.CObject.Create(&currentUser, id)
if err != nil { if err != nil {
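Review bot: The permission check now lives only in `CreateWeb`, and this commit also removes the namespace write check from `List.Create`, so `Create` itself no longer enforces authorization. Any caller that reaches `Create` without going through this handler would skip the check; whether such callers exist is not visible here. Consider documenting that on the `Create` methods, e.g. `// Create does not check permissions; callers must call CanCreate first.`, or keeping the check inside the model. `CreateWeb` starts and ends outside the hunk.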