Fixed getting all lists of one namespace
This commit is contained in:
parent
b57ca9375a
commit
f59917e721
7 changed files with 68 additions and 56 deletions
|
@ -115,9 +115,9 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten.
|
||||||
Ein zu lösendes Problem: Wie regelt man die Berechtigungen um Teams zu verwalten?
|
Ein zu lösendes Problem: Wie regelt man die Berechtigungen um Teams zu verwalten?
|
||||||
|
|
||||||
* [ ] Namespaces
|
* [ ] Namespaces
|
||||||
* [ ] Erstellen
|
* [x] Erstellen
|
||||||
* [ ] Ansehen
|
* [x] Ansehen
|
||||||
* [ ] Bearbeiten
|
* [x] Bearbeiten
|
||||||
* [ ] Löschen
|
* [ ] Löschen
|
||||||
* [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat.
|
* [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat.
|
||||||
* [ ] Listen
|
* [ ] Listen
|
||||||
|
@ -157,5 +157,6 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten.
|
||||||
* [x] Swagger UI aufsetzen
|
* [x] Swagger UI aufsetzen
|
||||||
|
|
||||||
* [ ] Globale Limits für anlegbare Listen + Namespaces
|
* [ ] Globale Limits für anlegbare Listen + Namespaces
|
||||||
|
* [ ] Mgl., dass die Instanz geschlossen ist, also sich keiner registrieren kann, und man sich einloggen muss
|
||||||
* [ ] mgl. zum Emailmaskieren haben (in den Nutzereinstellungen, wenn man seine Email nicht an alle Welt rausposaunen will)
|
* [ ] mgl. zum Emailmaskieren haben (in den Nutzereinstellungen, wenn man seine Email nicht an alle Welt rausposaunen will)
|
||||||
* [ ] Mgl. zum Accountlöschen haben (so richtig krass mit emailverifiezierung und dass alle Privaten Listen gelöscht werden und man alle geteilten entweder wem übertragen muss oder auf provat stellen)
|
* [ ] Mgl. zum Accountlöschen haben (so richtig krass mit emailverifiezierung und dass alle Privaten Listen gelöscht werden und man alle geteilten entweder wem übertragen muss oder auf provat stellen)
|
|
@ -241,3 +241,21 @@ func IsErrNeedToBeNamespaceOwner(err error) bool {
|
||||||
func (err ErrNeedToBeNamespaceOwner) Error() string {
|
func (err ErrNeedToBeNamespaceOwner) Error() string {
|
||||||
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
|
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ErrUserDoesNotHaveAccessToNamespace represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace)
|
||||||
|
type ErrUserDoesNotHaveAccessToNamespace struct {
|
||||||
|
NamespaceID int64
|
||||||
|
UserID int64
|
||||||
|
}
|
||||||
|
|
||||||
|
// IsErrUserDoesNotHaveAccessToNamespace checks if an error is a ErrNamespaceDoesNotExist.
|
||||||
|
func IsErrUserDoesNotHaveAccessToNamespace(err error) bool {
|
||||||
|
_, ok := err.(ErrUserDoesNotHaveAccessToNamespace)
|
||||||
|
return ok
|
||||||
|
}
|
||||||
|
|
||||||
|
func (err ErrUserDoesNotHaveAccessToNamespace) Error() string {
|
||||||
|
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -10,12 +10,11 @@ func CreateOrUpdateListItem(item *ListItem) (newItem *ListItem, err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user exists
|
// Check if the user exists
|
||||||
user, _, err := GetUserByID(item.CreatedBy.ID)
|
item.CreatedBy, _, err = GetUserByID(item.CreatedBy.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
item.CreatedByID = item.CreatedBy.ID
|
item.CreatedByID = item.CreatedBy.ID
|
||||||
item.CreatedBy = user
|
|
||||||
|
|
||||||
// TODO: Check if the user has the right to add/update an item to that list
|
// TODO: Check if the user has the right to add/update an item to that list
|
||||||
|
|
||||||
|
|
|
@ -65,10 +65,6 @@ func GetListsByUser(user *User) (lists []*List, err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetListsByNamespaceID(nID int64) (lists []*List, err error) {
|
func GetListsByNamespaceID(nID int64) (lists []*List, err error) {
|
||||||
exists, err := x.Where("namespace_id = ?", nID).Get(lists)
|
err = x.Where("namespace_id = ?", nID).Find(&lists)
|
||||||
if !exists {
|
return lists, err
|
||||||
return lists, ErrNamespaceDoesNotExist{}
|
|
||||||
}
|
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,15 +47,15 @@ func (user *User) IsNamespaceAdmin(namespace *Namespace) (ok bool, err error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func (user *User) HasNamespaceAccess(namespace *Namespace) (has bool, err error) {
|
func (user *User) HasNamespaceAccess(namespace *Namespace) (err error) {
|
||||||
// Owners always have access
|
// Owners always have access
|
||||||
if user.ID == namespace.Owner.ID {
|
if user.ID == namespace.Owner.ID {
|
||||||
return true, nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user is in a team which has access to the namespace
|
// Check if the user is in a team which has access to the namespace
|
||||||
|
|
||||||
return
|
return ErrUserDoesNotHaveAccessToNamespace{UserID:user.ID, NamespaceID:namespace.ID}
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetNamespaceByID(id int64) (namespace Namespace, err error) {
|
func GetNamespaceByID(id int64) (namespace Namespace, err error) {
|
||||||
|
|
|
@ -4,7 +4,7 @@ import (
|
||||||
"git.kolaente.de/konrad/list/models"
|
"git.kolaente.de/konrad/list/models"
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"fmt"
|
||||||
)
|
)
|
||||||
|
|
||||||
func GetListsByNamespaceID(c echo.Context) error {
|
func GetListsByNamespaceID(c echo.Context) error {
|
||||||
|
@ -29,38 +29,26 @@ func GetListsByNamespaceID(c echo.Context) error {
|
||||||
// "500":
|
// "500":
|
||||||
// "$ref": "#/responses/Message"
|
// "$ref": "#/responses/Message"
|
||||||
|
|
||||||
// Check if we have our ID
|
// Get our namespace
|
||||||
id := c.Param("id")
|
namespace, err := getNamespace(c)
|
||||||
// Make int
|
|
||||||
namespaceID, err := strconv.ParseInt(id, 10, 64)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check if the user has acces to that namespace
|
|
||||||
user, err := models.GetCurrentUser(c)
|
|
||||||
if err != nil {
|
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
||||||
}
|
|
||||||
has, err := user.HasNamespaceAccess(&models.Namespace{ID: namespaceID})
|
|
||||||
if err != nil {
|
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
||||||
}
|
|
||||||
if !has {
|
|
||||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
|
||||||
}
|
|
||||||
|
|
||||||
// Get the lists
|
|
||||||
lists, err := models.GetListsByNamespaceID(namespaceID)
|
|
||||||
if err != nil {
|
|
||||||
|
|
||||||
if models.IsErrNamespaceDoesNotExist(err) {
|
if models.IsErrNamespaceDoesNotExist(err) {
|
||||||
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||||
}
|
}
|
||||||
|
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
|
||||||
|
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||||
|
}
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get the lists
|
||||||
|
lists, err := models.GetListsByNamespaceID(namespace.ID)
|
||||||
|
if err != nil {
|
||||||
|
if models.IsErrNamespaceDoesNotExist(err) {
|
||||||
|
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||||
|
}
|
||||||
|
fmt.Println(err)
|
||||||
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||||
|
}
|
||||||
return c.JSON(http.StatusOK, lists)
|
return c.JSON(http.StatusOK, lists)
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,37 +29,47 @@ func ShowNamespace(c echo.Context) error {
|
||||||
// "500":
|
// "500":
|
||||||
// "$ref": "#/responses/Message"
|
// "$ref": "#/responses/Message"
|
||||||
|
|
||||||
|
namespace, err := getNamespace(c)
|
||||||
|
if err != nil {
|
||||||
|
if models.IsErrNamespaceDoesNotExist(err) {
|
||||||
|
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||||
|
}
|
||||||
|
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
|
||||||
|
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||||
|
}
|
||||||
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.JSON(http.StatusOK, namespace)
|
||||||
|
}
|
||||||
|
|
||||||
|
func getNamespace(c echo.Context) (namespace models.Namespace, err error) {
|
||||||
// Check if we have our ID
|
// Check if we have our ID
|
||||||
id := c.Param("id")
|
id := c.Param("id")
|
||||||
// Make int
|
// Make int
|
||||||
namespaceID, err := strconv.ParseInt(id, 10, 64)
|
namespaceID, err := strconv.ParseInt(id, 10, 64)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the namespace
|
// Get the namespace
|
||||||
namespace, err := models.GetNamespaceByID(namespaceID)
|
namespace, err = models.GetNamespaceByID(namespaceID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if models.IsErrNamespaceDoesNotExist(err) {
|
if models.IsErrNamespaceDoesNotExist(err) {
|
||||||
return c.JSON(http.StatusBadRequest, models.Message{"The namespace does not exist."})
|
return
|
||||||
}
|
}
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user has acces to that namespace
|
// Check if the user has acces to that namespace
|
||||||
user, err := models.GetCurrentUser(c)
|
user, err := models.GetCurrentUser(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
return
|
||||||
}
|
}
|
||||||
|
err = user.HasNamespaceAccess(&namespace)
|
||||||
has, err := user.HasNamespaceAccess(&namespace)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
return
|
||||||
}
|
|
||||||
if !has {
|
|
||||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(http.StatusOK, namespace)
|
return
|
||||||
}
|
}
|
Loading…
Reference in a new issue