Use the auth methods to get IDs to avoid unneeded casts

2019-06-28 10:21:48 +02:00
parent fc3c5f2187
commit f1d21ea52b
25 changed files with 65 additions and 146 deletions
--- a/pkg/models/label_rights.go
+++ b/pkg/models/label_rights.go
@ -43,20 +43,17 @@ func (l *Label) CanCreate(a web.Auth) (bool, error) {
 }

 func (l *Label) isLabelOwner(a web.Auth) (bool, error) {
-	u := getUserForRights(a)
 	lorig, err := getLabelByIDSimple(l.ID)
 	if err != nil {
 		return false, err
 	}
-	return lorig.CreatedByID == u.ID, nil
+	return lorig.CreatedByID == a.GetID(), nil
 }

 // Helper method to check if a user can see a specific label
 func (l *Label) hasAccessToLabel(a web.Auth) (bool, error) {
-	u := getUserForRights(a)
-
 	// Get all tasks
-	taskIDs, err := getUserTaskIDs(u)
+	taskIDs, err := getUserTaskIDs(&User{ID: a.GetID()})
 	if err != nil {
 		return false, err
 	}
@ -66,7 +63,7 @@ func (l *Label) hasAccessToLabel(a web.Auth) (bool, error) {
 	has, err := x.Table("labels").
 		Select("labels.*").
 		Join("LEFT", "label_task", "label_task.label_id = labels.id").
-		Where("label_task.label_id != null OR labels.created_by_id = ?", u.ID).
+		Where("label_task.label_id != null OR labels.created_by_id = ?", a.GetID()).
 		Or(builder.In("label_task.task_id", taskIDs)).
 		And("labels.id = ?", l.ID).
 		Exist(&labels)