ami/tl-vikunja
1
0
Fork 0
Code Activity

Let rights methods return errors (#64)

Browse Source
This commit is contained in:
konrad
2019-03-24 12:35:50 +00:00
committed by Gitea
parent 11e7c071ce
commit 47352d3ed4
44 changed files with 282 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
pkg/models/teams_rights.go
View File

@ -17,64 +17,47 @@
package models
import (
"code.vikunja.io/api/pkg/log"
"code.vikunja.io/web"
)
// CanCreate checks if the user can create a new team
func (t *Team) CanCreate(a web.Auth) bool {
func (t *Team) CanCreate(a web.Auth) (bool, error) {
// This is currently a dummy function, later on we could imagine global limits etc.
return true
return true, nil
}
// CanUpdate checks if the user can update a team
func (t *Team) CanUpdate(a web.Auth) bool {
func (t *Team) CanUpdate(a web.Auth) (bool, error) {
u := getUserForRights(a)
// Check if the current user is in the team and has admin rights in it
exists, err := x.Where("team_id = ?", t.ID).
return x.Where("team_id = ?", t.ID).
And("user_id = ?", u.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanDelete checks if a user can delete a team
func (t *Team) CanDelete(a web.Auth) bool {
func (t *Team) CanDelete(a web.Auth) (bool, error) {
return t.IsAdmin(a)
}
// IsAdmin returns true when the user is admin of a team
func (t *Team) IsAdmin(a web.Auth) bool {
func (t *Team) IsAdmin(a web.Auth) (bool, error) {
u := getUserForRights(a)
exists, err := x.Where("team_id = ?", t.ID).
return x.Where("team_id = ?", t.ID).
And("user_id = ?", u.ID).
And("admin = ?", true).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}
// CanRead returns true if the user has read access to the team
func (t *Team) CanRead(a web.Auth) bool {
func (t *Team) CanRead(a web.Auth) (bool, error) {
user := getUserForRights(a)
// Check if the user is in the team
exists, err := x.Where("team_id = ?", t.ID).
return x.Where("team_id = ?", t.ID).
And("user_id = ?", user.ID).
Get(&TeamMember{})
if err != nil {
log.Log.Error("Error occurred during CanUpdate for Team: %s", err)
return false
}
return exists
}