bleh
More API stuff. Lots of bleh. Really boring Also need to figure out a somewhat generic way for "requires ownership" permission and then a combinator for permissions
This commit is contained in:
parent
ffe3cf32ae
commit
1bb6cd8a70
8 changed files with 438 additions and 300 deletions
|
|
@ -6,6 +6,7 @@ import (
|
|||
"github.com/google/jsonapi"
|
||||
"github.com/rs/zerolog/hlog"
|
||||
"gitlab.com/mstarongitlab/goutils/other"
|
||||
"gitlab.com/mstarongitlab/goutils/sliceutils"
|
||||
"gitlab.com/mstarongitlab/linstrom/storage"
|
||||
)
|
||||
|
||||
|
|
@ -14,6 +15,7 @@ import (
|
|||
func linstromGetAccount(w http.ResponseWriter, r *http.Request) {
|
||||
store := StorageFromRequest(r)
|
||||
log := hlog.FromRequest(r)
|
||||
|
||||
accId := AccountIdFromRequest(r)
|
||||
acc, err := store.FindAccountById(accId)
|
||||
switch err {
|
||||
|
|
@ -32,7 +34,30 @@ func linstromGetAccount(w http.ResponseWriter, r *http.Request) {
|
|||
)
|
||||
return
|
||||
}
|
||||
// TODO: Check if caller is actually allowed to view the account requested.
|
||||
actorId, ok := r.Context().Value(ContextKeyActorId).(string)
|
||||
if ok {
|
||||
// Logged in user is accessing account, check if target account has them blocked
|
||||
roles, err := store.FindRolesByNames(acc.Roles)
|
||||
if err != nil {
|
||||
log.Error().
|
||||
Err(err).
|
||||
Strs("role-names", acc.Roles).
|
||||
Msg("Failed to get roles from storage")
|
||||
other.HttpErr(
|
||||
w,
|
||||
HttpErrIdDbFailure,
|
||||
"Failed to get roles of target account",
|
||||
http.StatusInternalServerError,
|
||||
)
|
||||
return
|
||||
}
|
||||
collapsedRole := storage.CollapseRolesIntoOne(roles...)
|
||||
if sliceutils.Contains(collapsedRole.BlockedUsers, actorId) {
|
||||
// Actor account is in list of blocked accounts, deny access
|
||||
other.HttpErr(w, HttpErrIdNotAuthenticated, "Access forbidden", http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
outAccount, err := convertAccountStorageToLinstrom(acc, store)
|
||||
if err != nil {
|
||||
|
|
@ -53,7 +78,10 @@ func linstromGetAccount(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
}
|
||||
|
||||
func linstromUpdateAccount(w http.ResponseWriter, r *http.Request) {}
|
||||
func linstromUpdateAccount(w http.ResponseWriter, r *http.Request) {
|
||||
store := StorageFromRequest(r)
|
||||
log := hlog.FromRequest(r)
|
||||
}
|
||||
func linstromDeleteAccount(w http.ResponseWriter, r *http.Request) {}
|
||||
|
||||
func linstromIsFollowingAccount(w http.ResponseWriter, r *http.Request) {}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue