|
|
@ -2,6 +2,7 @@
|
|
|
|
(:require [compojure.core :refer [defroutes GET POST DELETE] :as comp]
|
|
|
|
(:require [compojure.core :refer [defroutes GET POST DELETE] :as comp]
|
|
|
|
[ring.util.response :as resp]
|
|
|
|
[ring.util.response :as resp]
|
|
|
|
[formulare.core :as form]
|
|
|
|
[formulare.core :as form]
|
|
|
|
|
|
|
|
[wanijo.schema.middleware :as mw]
|
|
|
|
[wanijo.framework.view :as view]
|
|
|
|
[wanijo.framework.view :as view]
|
|
|
|
[wanijo.framework.routing :refer [register! path]]
|
|
|
|
[wanijo.framework.routing :refer [register! path]]
|
|
|
|
[wanijo.schema.domain :as domain]
|
|
|
|
[wanijo.schema.domain :as domain]
|
|
|
@ -63,20 +64,6 @@
|
|
|
|
(resp/redirect (path :schema-show (:params req))))
|
|
|
|
(resp/redirect (path :schema-show (:params req))))
|
|
|
|
(view! uuid req))))
|
|
|
|
(view! uuid req))))
|
|
|
|
|
|
|
|
|
|
|
|
(defn write-permission-middleware [schema-fn]
|
|
|
|
|
|
|
|
(fn [handler]
|
|
|
|
|
|
|
|
(fn [req]
|
|
|
|
|
|
|
|
(let [uuid (schema-fn req)
|
|
|
|
|
|
|
|
check-fn domain/has-user-write-permissions?]
|
|
|
|
|
|
|
|
(if (check-fn uuid (get-in req [:session :uuid]))
|
|
|
|
|
|
|
|
(handler req)
|
|
|
|
|
|
|
|
(assoc
|
|
|
|
|
|
|
|
(resp/redirect (path :schema-show {:uuid uuid}))
|
|
|
|
|
|
|
|
:flash ["No write permission for schema"]))))))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(defn wrap-allowed-to-write []
|
|
|
|
|
|
|
|
(write-permission-middleware #(get-in % [:params :uuid])))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(defroutes write-routes
|
|
|
|
(defroutes write-routes
|
|
|
|
(POST (register! :schema-edit "/schema/edit") []
|
|
|
|
(POST (register! :schema-edit "/schema/edit") []
|
|
|
|
edit!)
|
|
|
|
edit!)
|
|
|
@ -97,4 +84,4 @@
|
|
|
|
(POST (register! :schema-new "/schema/new") []
|
|
|
|
(POST (register! :schema-new "/schema/new") []
|
|
|
|
new!)
|
|
|
|
new!)
|
|
|
|
(comp/wrap-routes write-routes
|
|
|
|
(comp/wrap-routes write-routes
|
|
|
|
(wrap-allowed-to-write)))
|
|
|
|
(mw/wrap-allowed-to-write)))
|
|
|
|