From 94a9e1054402ceb659343ac41785086417207ce0 Mon Sep 17 00:00:00 2001 From: Josha von Gizycki Date: Thu, 11 Oct 2018 15:44:50 +0200 Subject: [PATCH] move permission middleware to schema.middleware --- src/wanijo/attribute/routes.clj | 5 +++-- src/wanijo/schema/middleware.clj | 18 +++++++++++++++++- src/wanijo/schema/routes.clj | 17 ++--------------- 3 files changed, 22 insertions(+), 18 deletions(-) diff --git a/src/wanijo/attribute/routes.clj b/src/wanijo/attribute/routes.clj index 4c7078f..ec6fce3 100644 --- a/src/wanijo/attribute/routes.clj +++ b/src/wanijo/attribute/routes.clj @@ -8,7 +8,8 @@ [wanijo.schema.view :as schema-view] [wanijo.schema.domain :as schema-domain] [wanijo.schema.routes :as schema-routes] - [wanijo.schema.forms :as schema-forms])) + [wanijo.schema.forms :as schema-forms] + [wanijo.schema.middleware :as schema-middleware])) (defn new! [req] (let [schema-uuid (get-in req [:params :schema])] @@ -33,7 +34,7 @@ (resp/redirect (path :schema-show {:uuid (get-in req [:params :schema])}))) (defn wrap-allowed-to-write [] - (schema-routes/write-permission-middleware + (schema-middleware/write-permission-middleware #(or (get-in % [:params :schema]) (get-in % [:route-params :schema]) (-> (get-in % [:route-params :uuid]) diff --git a/src/wanijo/schema/middleware.clj b/src/wanijo/schema/middleware.clj index c2859b0..7cefd7f 100644 --- a/src/wanijo/schema/middleware.clj +++ b/src/wanijo/schema/middleware.clj @@ -1,5 +1,7 @@ (ns wanijo.schema.middleware - (:require [wanijo.schema.domain :as domain] + (:require [ring.util.response :as resp] + [wanijo.framework.routing :refer [path]] + [wanijo.schema.domain :as domain] [wanijo.framework.common :refer [in?]])) (defn wrap-user-schemas [handler] @@ -9,3 +11,17 @@ [:session :schemas] (domain/accessible-schemas! uuid))) (handler req)))) + +(defn write-permission-middleware [schema-fn] + (fn [handler] + (fn [req] + (let [uuid (schema-fn req) + check-fn domain/has-user-write-permissions?] + (if (check-fn uuid (get-in req [:session :uuid])) + (handler req) + (assoc + (resp/redirect (path :schema-show {:uuid uuid})) + :flash ["No write permission for schema"])))))) + +(defn wrap-allowed-to-write [] + (write-permission-middleware #(get-in % [:params :uuid]))) diff --git a/src/wanijo/schema/routes.clj b/src/wanijo/schema/routes.clj index 51de1d6..0cb9c1f 100644 --- a/src/wanijo/schema/routes.clj +++ b/src/wanijo/schema/routes.clj @@ -2,6 +2,7 @@ (:require [compojure.core :refer [defroutes GET POST DELETE] :as comp] [ring.util.response :as resp] [formulare.core :as form] + [wanijo.schema.middleware :as mw] [wanijo.framework.view :as view] [wanijo.framework.routing :refer [register! path]] [wanijo.schema.domain :as domain] @@ -63,20 +64,6 @@ (resp/redirect (path :schema-show (:params req)))) (view! uuid req)))) -(defn write-permission-middleware [schema-fn] - (fn [handler] - (fn [req] - (let [uuid (schema-fn req) - check-fn domain/has-user-write-permissions?] - (if (check-fn uuid (get-in req [:session :uuid])) - (handler req) - (assoc - (resp/redirect (path :schema-show {:uuid uuid})) - :flash ["No write permission for schema"])))))) - -(defn wrap-allowed-to-write [] - (write-permission-middleware #(get-in % [:params :uuid]))) - (defroutes write-routes (POST (register! :schema-edit "/schema/edit") [] edit!) @@ -97,4 +84,4 @@ (POST (register! :schema-new "/schema/new") [] new!) (comp/wrap-routes write-routes - (wrap-allowed-to-write))) + (mw/wrap-allowed-to-write)))