ami/tl-vikunja
1
0
Fork 0
Code Activity

Refactored canRead method to get the list before checking the right (#65)

Browse Source
This commit is contained in:
konrad
2019-03-24 13:17:36 +00:00
committed by Gitea
parent 47352d3ed4
commit 5525ee0328
7 changed files with 15 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
vendor/code.vikunja.io/web/handler/read_one.go generated vendored
View File

@ -30,14 +30,7 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
return echo.NewHTTPError(http.StatusBadRequest, "No or invalid model provided.")
}
// Get our object
err := currentStruct.ReadOne()
if err != nil {
return HandleHTTPError(err, ctx)
}
// Check rights
// We can only check the rights on a full object, which is why we need to check it afterwards
currentAuth, err := config.AuthProvider.AuthObject(ctx)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Could not determine the current user.")
@ -51,5 +44,11 @@ func (c *WebHandler) ReadOneWeb(ctx echo.Context) error {
return echo.NewHTTPError(http.StatusForbidden, "You don't have the right to see this")
}
// Get our object
err = currentStruct.ReadOne()
if err != nil {
return HandleHTTPError(err, ctx)
}
return ctx.JSON(http.StatusOK, currentStruct)
}