Let rights methods return errors (#64)

2019-03-24 12:35:50 +00:00
parent 11e7c071ce
commit 47352d3ed4
44 changed files with 282 additions and 220 deletions
--- a/vendor/code.vikunja.io/web/Readme.md
+++ b/vendor/code.vikunja.io/web/Readme.md
@ -38,10 +38,11 @@ other handler implementations, enabling a lot of flexibility while develeoping.

 ### TODOs

-* [ ] Improve docs/Merge with the ones of Vikunja
-* [ ] Description of web.HTTPError
-* [ ] Rights methods should return errors (I know, this will break a lot of existing stuff)
+* [x] Improve docs/Merge with the ones of Vikunja
+* [x] Description of web.HTTPError
+* [x] Rights methods should return errors (I know, this will break a lot of existing stuff)
 * [ ] optional Before- and after-{load|update|create} methods which do some preprocessing/after processing like making human-readable names from automatically up counting consts
+* [ ] "Magic": Check if a passed struct implements Crudable methods and use a general (user defined) function if not

 ## Installation

@ -49,6 +50,8 @@ Using the web handler in your application is pretty straight forward, simply run

 In order to use the common web handler, the struct must implement the `web.CRUDable` and `web.Rights` interface.

+To learn how to use the handler, take a look at the [handler config](#handler-config) [defining routes](#defining-routes-using-the-standard-web-handler)
+
 ## CRUDable

 This interface defines methods to Create/Read/ReadAll/Update/Delete something. It is defined as followed:
@ -82,18 +85,20 @@ way to do this, don't hesitate to [drop me a message](https://vikunja.io/en/cont

 ## Rights

-This interface defines methods to check for rights on structs. They accept an `Auth`-element as parameter and return a `bool`.
+This interface defines methods to check for rights on structs. They accept an `Auth`-element as parameter and return a `bool` and `error`.
+
+The `error` is handled [as usual](#errors).

 The interface is defined as followed:

 ```go
 type Rights interface {
-	IsAdmin(Auth) bool
-	CanWrite(Auth) bool
-	CanRead(Auth) bool
-	CanDelete(Auth) bool
-	CanUpdate(Auth) bool
-	CanCreate(Auth) bool
+	IsAdmin(Auth) (bool, error)
+	CanWrite(Auth) (bool, error)
+	CanRead(Auth) (bool, error)
+	CanDelete(Auth) (bool, error)
+	CanUpdate(Auth) (bool, error)
+	CanCreate(Auth) (bool, error)
 }
 ```

--- a/vendor/code.vikunja.io/web/handler/create.go
+++ b/vendor/code.vikunja.io/web/handler/create.go
@ -42,7 +42,11 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
 	}

 	// Check rights
-	if !currentStruct.CanCreate(currentAuth) {
+	canRead, err := currentStruct.CanCreate(currentAuth)
+	if err != nil {
+		return HandleHTTPError(err, ctx)
+	}
+	if canRead {
 		config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
 		return echo.NewHTTPError(http.StatusForbidden)
 	}
--- a/vendor/code.vikunja.io/web/handler/delete.go
+++ b/vendor/code.vikunja.io/web/handler/delete.go
@ -40,7 +40,11 @@ func (c *WebHandler) DeleteWeb(ctx echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError)
 	}
-	if !currentStruct.CanDelete(currentAuth) {
+	canDelete, err := currentStruct.CanDelete(currentAuth)
+	if err != nil {
+		return HandleHTTPError(err, ctx)
+	}
+	if canDelete {
 		config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
 		return echo.NewHTTPError(http.StatusForbidden)
 	}
--- a/vendor/code.vikunja.io/web/handler/read_one.go
+++ b/vendor/code.vikunja.io/web/handler/read_one.go
@ -42,7 +42,11 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
 	}
-	if !currentStruct.CanRead(currentAuth) {
+	canRead, err := currentStruct.CanRead(currentAuth)
+	if err != nil {
+		return HandleHTTPError(err, ctx)
+	}
+	if canRead {
 		config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
 		return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
 	}
--- a/vendor/code.vikunja.io/web/handler/update.go
+++ b/vendor/code.vikunja.io/web/handler/update.go
@ -41,7 +41,11 @@ func (c *WebHandler) UpdateWeb(ctx echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
 	}
-	if !currentStruct.CanUpdate(currentAuth) {
+	canUpdate, err := currentStruct.CanUpdate(currentAuth)
+	if err != nil {
+		return HandleHTTPError(err, ctx)
+	}
+	if canUpdate {
 		config.LoggingProvider.Noticef("Tried to create while not having the rights for it (User: %v)", currentAuth)
 		return echo.NewHTTPError(http.StatusForbidden)
 	}
--- a/vendor/code.vikunja.io/web/web.go
+++ b/vendor/code.vikunja.io/web/web.go
@ -19,12 +19,12 @@ import "github.com/labstack/echo"

 // Rights defines rights methods
 type Rights interface {
-	IsAdmin(Auth) bool
-	CanWrite(Auth) bool
-	CanRead(Auth) bool
-	CanDelete(Auth) bool
-	CanUpdate(Auth) bool
-	CanCreate(Auth) bool
+	IsAdmin(Auth) (bool, error)
+	CanWrite(Auth) (bool, error)
+	CanRead(Auth) (bool, error)
+	CanDelete(Auth) (bool, error)
+	CanUpdate(Auth) (bool, error)
+	CanCreate(Auth) (bool, error)
 }

 // CRUDable defines the crud methods
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -1,4 +1,4 @@
-# code.vikunja.io/web v0.0.0-20190324080741-7bd881d9892a
+# code.vikunja.io/web v0.0.0-20190324105229-0933ac082307
 code.vikunja.io/web
 code.vikunja.io/web/handler
 # github.com/BurntSushi/toml v0.3.1