ami/tl-vikunja
1
0
Fork 0
Code Activity

feat(api): all usable routes behind authentication now have permissions

Browse Source 
Previously, only routes which were coming from crudable entities could be used with an api token because there was no way to assign permissions to them. This change implements a more flexible structure for api permissions under the hood, allowing to add permissions for these routes and making them usable with an api token.

Resolves https://github.com/go-vikunja/vikunja/issues/266
This commit is contained in:
kolaente
2024-06-03 21:35:09 +02:00
parent 5ef140fba2
commit 99a67e09b1
3 changed files with 106 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/routes/routes.go
View File

@ -211,8 +211,8 @@ func RegisterRoutes(e *echo.Echo) {
// API Routes
a := e.Group("/api/v1")
e.OnAddRouteHandler = func(_ string, route echo.Route, _ echo.HandlerFunc, _ []echo.MiddlewareFunc) {
models.CollectRoutesForAPITokenUsage(route)
e.OnAddRouteHandler = func(_ string, route echo.Route, _ echo.HandlerFunc, middlewares []echo.MiddlewareFunc) {
models.CollectRoutesForAPITokenUsage(route, middlewares)
}
registerAPIRoutes(a)
}