write permission check on attribute changes

integration-tests
Josha von Gizycki 6 years ago
parent cff6e9e965
commit 193ab989af

@ -11,9 +11,6 @@
(spec/def ::type (spec/def ::type
(spec/and string? types)) (spec/and string? types))
(spec/def ::required
#{"on" nil 0 1 "0" "1"})
(spec/def ::created-at (spec/def ::created-at
(spec/and string? ::neo4j/date-str)) (spec/and string? ::neo4j/date-str))
@ -84,3 +81,13 @@
(map :a (map :a
(neo4j/exec-query! required (neo4j/exec-query! required
{:schema_uuid schema-uuid}))) {:schema_uuid schema-uuid})))
(neo4j/defquery schema-of
"MATCH (a:attribute {uuid:{uuid}})-[:of]->(s:schema)
RETURN s")
(defn schema-of! [uuid]
(->> (neo4j/exec-query! schema-of
{:uuid uuid})
(map :s)
first))
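Review bot: `schema-of!` has no docstring, and its nil result matters because the attribute routes' permission check uses it to resolve the schema. The query matches nothing for an unknown attribute uuid, so `first` yields nil, and if an attribute ever has more than one `:of` relation only the first schema is returned. I would document that on the function, e.g. `"Returns the schema node the attribute with uuid belongs to, or nil if there is none."`, so callers know they must handle nil.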

@ -1,5 +1,6 @@
(ns wanijo.attribute.routes (ns wanijo.attribute.routes
(:require [compojure.core :refer [defroutes GET POST DELETE]] (:require [compojure.core :refer [defroutes GET POST DELETE] :as comp]
[clojure.pprint :refer [pprint]]
[ring.util.response :as resp] [ring.util.response :as resp]
[formulare.core :as form] [formulare.core :as form]
[wanijo.framework.routing :refer [register! path]] [wanijo.framework.routing :refer [register! path]]
@ -31,9 +32,16 @@
(domain/delete-by-uuid! uuid) (domain/delete-by-uuid! uuid)
(resp/redirect (path :schema-show {:uuid (get-in req [:params :schema])}))) (resp/redirect (path :schema-show {:uuid (get-in req [:params :schema])})))
(defroutes routes (defn wrap-allowed-to-write []
(POST (register! :attribute-new "/attribute/new") (schema-routes/write-permission-middleware
[] #(or (get-in % [:params :schema])
(get-in % [:route-params :schema])
(-> (get-in % [:route-params :uuid])
(domain/schema-of!)
:uuid))))
(defroutes write-routes
(POST (register! :attribute-new "/attribute/new") []
new!) new!)
(POST (register! :attribute-edit "/attribute/edit/:schema") (POST (register! :attribute-edit "/attribute/edit/:schema")
[schema :as req] [schema :as req]
@ -41,3 +49,7 @@
(DELETE (register! :attribute-delete "/attribute/:uuid/delete") (DELETE (register! :attribute-delete "/attribute/:uuid/delete")
[uuid :as req] [uuid :as req]
(delete! uuid req))) (delete! uuid req)))
(defroutes routes
(comp/wrap-routes write-routes
(wrap-allowed-to-write)))
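Review bot: The schema used for the write-permission check comes from request input before it is derived from the attribute. The `or` in `wrap-allowed-to-write` prefers `[:params :schema]` and `[:route-params :schema]`, and falls back to `domain/schema-of!` only when both are absent. The delete handler above reads `[:params :schema]` for its redirect, so `/attribute/:uuid/delete` apparently receives a schema parameter, and the check would then run against that value rather than the schema the attribute belongs to. When an attribute uuid is in the route, resolve it first: `#(or (some-> (get-in % [:route-params :uuid]) domain/schema-of! :uuid) (get-in % [:route-params :schema]) (get-in % [:params :schema]))`. The edit handler's body is outside the hunk, so if it takes the attribute uuid from the form, it should also confirm that `schema-of!` for that uuid equals the `:schema` route parameter.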

@ -15,7 +15,7 @@
(not= attr-uuid (:uuid %)))) (not= attr-uuid (:uuid %))))
1 0)) 1 0))
(apply +))] (apply +))]
(not= 0 duplicates))) (= 0 duplicates)))
(spec/def ::unique-attr-name-per-schema (spec/def ::unique-attr-name-per-schema
unique-attr-name-in-schema!) unique-attr-name-in-schema!)
@ -29,8 +29,7 @@
(def attr-form (def attr-form
{:fields {:name {:label "Name" {:fields {:name {:label "Name"
:required true :required true
:spec ::attr-domain/name :spec ::attr-domain/name}
}
:type {:label "Type" :type {:label "Type"
:required true :required true
:spec ::attr-domain/type :spec ::attr-domain/type
@ -39,7 +38,6 @@
attr-domain/types)} attr-domain/types)}
:required {:label "Required" :required {:label "Required"
:required false :required false
:spec ::attr-domain/required
:widget :checkbox :widget :checkbox
:from-req #(if (some? %) 1 0)} :from-req #(if (some? %) 1 0)}
:uuid {:widget :hidden}} :uuid {:widget :hidden}}
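Review bot: The duplicate count in the `let` ending at `(apply +)` is only compared with zero, so `(= 0 duplicates)` would read more directly as `(zero? duplicates)`. The map-to-1/0-and-sum could probably become a single `not-any?` over the same predicate, though the function starts outside the hunk and the collection is not visible. Since the predicate was inverted before this commit, a short docstring stating that it returns true when the name is unique within the schema would help keep the polarity right.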

@ -63,15 +63,19 @@
(resp/redirect (path :schema-show (:params req)))) (resp/redirect (path :schema-show (:params req))))
(view! uuid req)))) (view! uuid req))))
(defn wrap-allowed-to-write [handler] (defn write-permission-middleware [schema-fn]
(fn [req] (fn [handler]
(let [uuid (get-in req [:params :uuid]) (fn [req]
user (get-in req [:session :uuid])] (let [uuid (schema-fn req)
(if (domain/has-user-write-permissions? uuid user) check-fn domain/has-user-write-permissions?]
(handler req) (if (check-fn uuid (get-in req [:session :uuid]))
(assoc (handler req)
(resp/redirect (path :schema-show (:params req))) (assoc
:flash ["No write permission for schema"]))))) (resp/redirect (path :schema-show {:uuid uuid}))
:flash ["No write permission for schema"]))))))
(defn wrap-allowed-to-write []
(write-permission-middleware #(get-in % [:params :uuid])))
(defroutes write-routes (defroutes write-routes
(POST (register! :schema-edit "/schema/edit") [] (POST (register! :schema-edit "/schema/edit") []
@ -93,4 +97,4 @@
(POST (register! :schema-new "/schema/new") [] (POST (register! :schema-new "/schema/new") []
new!) new!)
(comp/wrap-routes write-routes (comp/wrap-routes write-routes
wrap-allowed-to-write)) (wrap-allowed-to-write)))
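Review bot: `write-permission-middleware` passes whatever `schema-fn` returns straight into the check, so a nil uuid reaches both `domain/has-user-write-permissions?` and `(path :schema-show {:uuid uuid})`. That can happen when no schema parameter is sent or when the attribute lookup finds nothing. How the domain function treats nil is not visible here, so I would make the middleware fail closed with `(if (and uuid (check-fn uuid (get-in req [:session :uuid]))) (handler req) ...)` and send the nil case to a page that needs no schema uuid. The `check-fn` binding only aliases the domain function and could be dropped. A docstring should state that `schema-fn` takes the request and returns the uuid of the schema to check.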
