Refactored config
This commit is contained in:
parent
1c90eb2253
commit
fcaf01fb20
15
Readme.md
15
Readme.md
|
@ -120,17 +120,12 @@ not allowed to do and so on.
|
||||||
#### Full Example
|
#### Full Example
|
||||||
|
|
||||||
```go
|
```go
|
||||||
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
|
handler.SetAuthProvider(&web.Auths{
|
||||||
return func(c echo.Context) error {
|
AuthObject: func(echo.Context) (web.Auth, error) {
|
||||||
c.Set("AuthProvider", &web.Auths{
|
return models.GetCurrentUser(c) // Your functions
|
||||||
AuthObject: func(echo.Context) (web.Auth, error) {
|
},
|
||||||
return models.GetCurrentUser(c) // Your functions
|
|
||||||
},
|
|
||||||
})
|
|
||||||
c.Set("LoggingProvider", &log.Log)
|
|
||||||
return next(c)
|
|
||||||
}
|
|
||||||
})
|
})
|
||||||
|
handler.SetLoggingProvider(&log.Log)
|
||||||
```
|
```
|
||||||
|
|
||||||
## Preprocessing
|
## Preprocessing
|
||||||
|
|
47
handler/config.go
Normal file
47
handler/config.go
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
// Copyright (c) 2019 Vikunja and contributors.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Lesser General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Lesser General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Lesser General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package handler
|
||||||
|
|
||||||
|
import (
|
||||||
|
"code.vikunja.io/web"
|
||||||
|
"github.com/op/go-logging"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Config struct {
|
||||||
|
AuthProvider *web.Auths
|
||||||
|
LoggingProvider *logging.Logger
|
||||||
|
}
|
||||||
|
|
||||||
|
var config *Config
|
||||||
|
|
||||||
|
func SetAuthProvider(provider *web.Auths) {
|
||||||
|
config.AuthProvider = provider
|
||||||
|
}
|
||||||
|
|
||||||
|
func SetLoggingProvider(logger *logging.Logger) {
|
||||||
|
config.LoggingProvider = logger
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
c.Set("AuthProvider", &web.Auths{
|
||||||
|
AuthObject: func(echo.Context) (web.Auth, error) {
|
||||||
|
return models.GetCurrentUser(c) // Your functions
|
||||||
|
},
|
||||||
|
})
|
||||||
|
c.Set("LoggingProvider", &log.Log)
|
||||||
|
return next(c)
|
||||||
|
*/
|
|
@ -16,9 +16,7 @@
|
||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -38,15 +36,14 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the user to pass for later checks
|
// Get the user to pass for later checks
|
||||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||||
currentAuth, err := authprovider.AuthObject(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check rights
|
// Check rights
|
||||||
if !currentStruct.CanCreate(currentAuth) {
|
if !currentStruct.CanCreate(currentAuth) {
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to create while not having the rights for it", currentAuth)
|
config.LoggingProvider.Noticef("Tried to create while not having the rights for it", currentAuth)
|
||||||
return echo.NewHTTPError(http.StatusForbidden)
|
return echo.NewHTTPError(http.StatusForbidden)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -16,9 +16,7 @@
|
||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -38,13 +36,12 @@ func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user has the right to delete
|
// Check if the user has the right to delete
|
||||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||||
currentAuth, err := authprovider.AuthObject(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
if !currentStruct.CanDelete(currentAuth) {
|
if !currentStruct.CanDelete(currentAuth) {
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to delete while not having the rights for it", currentAuth)
|
config.LoggingProvider.Noticef("Tried to delete while not having the rights for it", currentAuth)
|
||||||
return echo.NewHTTPError(http.StatusForbidden)
|
return echo.NewHTTPError(http.StatusForbidden)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,6 @@ package handler
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
"code.vikunja.io/web"
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -40,6 +39,6 @@ func HandleHTTPError(err error, ctx echo.Context) *echo.HTTPError {
|
||||||
errDetails := a.HTTPError()
|
errDetails := a.HTTPError()
|
||||||
return echo.NewHTTPError(errDetails.HTTPCode, errDetails)
|
return echo.NewHTTPError(errDetails.HTTPCode, errDetails)
|
||||||
}
|
}
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
config.LoggingProvider.Error(err.Error())
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError)
|
return echo.NewHTTPError(http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,9 +16,7 @@
|
||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
)
|
)
|
||||||
|
@ -28,8 +26,7 @@ func (c *WebHandler) ReadAllWeb(ctx echo.Context) error {
|
||||||
// Get our model
|
// Get our model
|
||||||
currentStruct := c.EmptyStruct()
|
currentStruct := c.EmptyStruct()
|
||||||
|
|
||||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||||
currentAuth, err := authprovider.AuthObject(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||||
}
|
}
|
||||||
|
@ -46,7 +43,7 @@ func (c *WebHandler) ReadAllWeb(ctx echo.Context) error {
|
||||||
}
|
}
|
||||||
pageNumber, err := strconv.Atoi(page)
|
pageNumber, err := strconv.Atoi(page)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Error(err.Error())
|
config.LoggingProvider.Error(err.Error())
|
||||||
return echo.NewHTTPError(http.StatusBadRequest, "Bad page requested.")
|
return echo.NewHTTPError(http.StatusBadRequest, "Bad page requested.")
|
||||||
}
|
}
|
||||||
if pageNumber < 0 {
|
if pageNumber < 0 {
|
||||||
|
|
|
@ -16,9 +16,7 @@
|
||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -40,13 +38,12 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
|
||||||
|
|
||||||
// Check rights
|
// Check rights
|
||||||
// We can only check the rights on a full object, which is why we need to check it afterwards
|
// We can only check the rights on a full object, which is why we need to check it afterwards
|
||||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||||
currentAuth, err := authprovider.AuthObject(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||||
}
|
}
|
||||||
if !currentStruct.CanRead(currentAuth) {
|
if !currentStruct.CanRead(currentAuth) {
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to read one while not having the rights for it", currentAuth)
|
config.LoggingProvider.Noticef("Tried to read one while not having the rights for it", currentAuth)
|
||||||
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
|
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -16,9 +16,7 @@
|
||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"code.vikunja.io/web"
|
|
||||||
"github.com/labstack/echo"
|
"github.com/labstack/echo"
|
||||||
"github.com/op/go-logging"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -39,13 +37,12 @@ func (c *WebHandler) UpdateWeb(ctx echo.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user has the right to do that
|
// Check if the user has the right to do that
|
||||||
authprovider := ctx.Get("AuthProvider").(*web.Auths)
|
currentAuth, err := config.AuthProvider.AuthObject(ctx)
|
||||||
currentAuth, err := authprovider.AuthObject(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
|
||||||
}
|
}
|
||||||
if !currentStruct.CanUpdate(currentAuth) {
|
if !currentStruct.CanUpdate(currentAuth) {
|
||||||
ctx.Get("LoggingProvider").(*logging.Logger).Noticef("Tried to update while not having the rights for it", currentAuth)
|
config.LoggingProvider.Noticef("Tried to update while not having the rights for it", currentAuth)
|
||||||
return echo.NewHTTPError(http.StatusForbidden)
|
return echo.NewHTTPError(http.StatusForbidden)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user