Fixed getting all lists of one namespace
This commit is contained in:
parent
b57ca9375a
commit
f59917e721
7 changed files with 68 additions and 56 deletions
|
@ -115,9 +115,9 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten.
|
|||
Ein zu lösendes Problem: Wie regelt man die Berechtigungen um Teams zu verwalten?
|
||||
|
||||
* [ ] Namespaces
|
||||
* [ ] Erstellen
|
||||
* [ ] Ansehen
|
||||
* [ ] Bearbeiten
|
||||
* [x] Erstellen
|
||||
* [x] Ansehen
|
||||
* [x] Bearbeiten
|
||||
* [ ] Löschen
|
||||
* [ ] Teams hinzufügen. Der Nutzer kriegt nur Teams angezeigt die er erstellt hat.
|
||||
* [ ] Listen
|
||||
|
@ -157,5 +157,6 @@ Teams sind global, d.h. Ein Team kann mehrere Namespaces verwalten.
|
|||
* [x] Swagger UI aufsetzen
|
||||
|
||||
* [ ] Globale Limits für anlegbare Listen + Namespaces
|
||||
* [ ] Mgl., dass die Instanz geschlossen ist, also sich keiner registrieren kann, und man sich einloggen muss
|
||||
* [ ] mgl. zum Emailmaskieren haben (in den Nutzereinstellungen, wenn man seine Email nicht an alle Welt rausposaunen will)
|
||||
* [ ] Mgl. zum Accountlöschen haben (so richtig krass mit emailverifiezierung und dass alle Privaten Listen gelöscht werden und man alle geteilten entweder wem übertragen muss oder auf provat stellen)
|
|
@ -241,3 +241,21 @@ func IsErrNeedToBeNamespaceOwner(err error) bool {
|
|||
func (err ErrNeedToBeNamespaceOwner) Error() string {
|
||||
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
|
||||
}
|
||||
|
||||
// ErrUserDoesNotHaveAccessToNamespace represents an error, where the user is not the owner of that namespace (used i.e. when deleting a namespace)
|
||||
type ErrUserDoesNotHaveAccessToNamespace struct {
|
||||
NamespaceID int64
|
||||
UserID int64
|
||||
}
|
||||
|
||||
// IsErrUserDoesNotHaveAccessToNamespace checks if an error is a ErrNamespaceDoesNotExist.
|
||||
func IsErrUserDoesNotHaveAccessToNamespace(err error) bool {
|
||||
_, ok := err.(ErrUserDoesNotHaveAccessToNamespace)
|
||||
return ok
|
||||
}
|
||||
|
||||
func (err ErrUserDoesNotHaveAccessToNamespace) Error() string {
|
||||
return fmt.Sprintf("You need to be namespace owner to do that [NamespaceID: %d, UserID: %d]", err.NamespaceID, err.UserID)
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -10,12 +10,11 @@ func CreateOrUpdateListItem(item *ListItem) (newItem *ListItem, err error) {
|
|||
}
|
||||
|
||||
// Check if the user exists
|
||||
user, _, err := GetUserByID(item.CreatedBy.ID)
|
||||
item.CreatedBy, _, err = GetUserByID(item.CreatedBy.ID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
item.CreatedByID = item.CreatedBy.ID
|
||||
item.CreatedBy = user
|
||||
|
||||
// TODO: Check if the user has the right to add/update an item to that list
|
||||
|
||||
|
|
|
@ -65,10 +65,6 @@ func GetListsByUser(user *User) (lists []*List, err error) {
|
|||
}
|
||||
|
||||
func GetListsByNamespaceID(nID int64) (lists []*List, err error) {
|
||||
exists, err := x.Where("namespace_id = ?", nID).Get(lists)
|
||||
if !exists {
|
||||
return lists, ErrNamespaceDoesNotExist{}
|
||||
}
|
||||
|
||||
return
|
||||
err = x.Where("namespace_id = ?", nID).Find(&lists)
|
||||
return lists, err
|
||||
}
|
||||
|
|
|
@ -47,15 +47,15 @@ func (user *User) IsNamespaceAdmin(namespace *Namespace) (ok bool, err error) {
|
|||
return
|
||||
}
|
||||
|
||||
func (user *User) HasNamespaceAccess(namespace *Namespace) (has bool, err error) {
|
||||
func (user *User) HasNamespaceAccess(namespace *Namespace) (err error) {
|
||||
// Owners always have access
|
||||
if user.ID == namespace.Owner.ID {
|
||||
return true, nil
|
||||
return nil
|
||||
}
|
||||
|
||||
// Check if the user is in a team which has access to the namespace
|
||||
|
||||
return
|
||||
return ErrUserDoesNotHaveAccessToNamespace{UserID:user.ID, NamespaceID:namespace.ID}
|
||||
}
|
||||
|
||||
func GetNamespaceByID(id int64) (namespace Namespace, err error) {
|
||||
|
|
|
@ -4,7 +4,7 @@ import (
|
|||
"git.kolaente.de/konrad/list/models"
|
||||
"github.com/labstack/echo"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
func GetListsByNamespaceID(c echo.Context) error {
|
||||
|
@ -29,38 +29,26 @@ func GetListsByNamespaceID(c echo.Context) error {
|
|||
// "500":
|
||||
// "$ref": "#/responses/Message"
|
||||
|
||||
// Check if we have our ID
|
||||
id := c.Param("id")
|
||||
// Make int
|
||||
namespaceID, err := strconv.ParseInt(id, 10, 64)
|
||||
|
||||
// Get our namespace
|
||||
namespace, err := getNamespace(c)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
|
||||
}
|
||||
|
||||
// Check if the user has acces to that namespace
|
||||
user, err := models.GetCurrentUser(c)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
has, err := user.HasNamespaceAccess(&models.Namespace{ID: namespaceID})
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
if !has {
|
||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||
}
|
||||
|
||||
// Get the lists
|
||||
lists, err := models.GetListsByNamespaceID(namespaceID)
|
||||
if err != nil {
|
||||
|
||||
if models.IsErrNamespaceDoesNotExist(err) {
|
||||
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||
}
|
||||
|
||||
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
|
||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||
}
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
|
||||
// Get the lists
|
||||
lists, err := models.GetListsByNamespaceID(namespace.ID)
|
||||
if err != nil {
|
||||
if models.IsErrNamespaceDoesNotExist(err) {
|
||||
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||
}
|
||||
fmt.Println(err)
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
return c.JSON(http.StatusOK, lists)
|
||||
}
|
||||
|
|
|
@ -29,37 +29,47 @@ func ShowNamespace(c echo.Context) error {
|
|||
// "500":
|
||||
// "$ref": "#/responses/Message"
|
||||
|
||||
namespace, err := getNamespace(c)
|
||||
if err != nil {
|
||||
if models.IsErrNamespaceDoesNotExist(err) {
|
||||
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
||||
}
|
||||
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
|
||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||
}
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
|
||||
return c.JSON(http.StatusOK, namespace)
|
||||
}
|
||||
|
||||
func getNamespace(c echo.Context) (namespace models.Namespace, err error) {
|
||||
// Check if we have our ID
|
||||
id := c.Param("id")
|
||||
// Make int
|
||||
namespaceID, err := strconv.ParseInt(id, 10, 64)
|
||||
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
|
||||
return
|
||||
}
|
||||
|
||||
// Get the namespace
|
||||
namespace, err := models.GetNamespaceByID(namespaceID)
|
||||
namespace, err = models.GetNamespaceByID(namespaceID)
|
||||
if err != nil {
|
||||
if models.IsErrNamespaceDoesNotExist(err) {
|
||||
return c.JSON(http.StatusBadRequest, models.Message{"The namespace does not exist."})
|
||||
return
|
||||
}
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
return
|
||||
}
|
||||
|
||||
// Check if the user has acces to that namespace
|
||||
user, err := models.GetCurrentUser(c)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
return
|
||||
}
|
||||
|
||||
has, err := user.HasNamespaceAccess(&namespace)
|
||||
err = user.HasNamespaceAccess(&namespace)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
||||
}
|
||||
if !has {
|
||||
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
||||
return
|
||||
}
|
||||
|
||||
return c.JSON(http.StatusOK, namespace)
|
||||
return
|
||||
}
|
Loading…
Reference in a new issue