josha
/
wanijo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

move permission middleware to schema.middleware

Browse Source
integration-tests
Josha von Gizycki 6 years ago
parent 949619f65a
commit 94a9e10544
3 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File

5
src/wanijo/attribute/routes.clj
Unescape View File

@ -8,7 +8,8 @@
[wanijo.schema.view :as schema-view] [wanijo.schema.view :as schema-view]
[wanijo.schema.domain :as schema-domain] [wanijo.schema.domain :as schema-domain]
[wanijo.schema.routes :as schema-routes] [wanijo.schema.routes :as schema-routes]
[wanijo.schema.forms :as schema-forms])) [wanijo.schema.forms :as schema-forms]
[wanijo.schema.middleware :as schema-middleware]))
(defn new! [req] (defn new! [req]
(let [schema-uuid (get-in req [:params :schema])] (let [schema-uuid (get-in req [:params :schema])]
@ -33,7 +34,7 @@
(resp/redirect (path :schema-show {:uuid (get-in req [:params :schema])}))) (resp/redirect (path :schema-show {:uuid (get-in req [:params :schema])})))
(defn wrap-allowed-to-write [] (defn wrap-allowed-to-write []
(schema-routes/write-permission-middleware (schema-middleware/write-permission-middleware
#(or (get-in % [:params :schema]) #(or (get-in % [:params :schema])
(get-in % [:route-params :schema]) (get-in % [:route-params :schema])
(-> (get-in % [:route-params :uuid]) (-> (get-in % [:route-params :uuid])

18
src/wanijo/schema/middleware.clj
Unescape View File

@ -1,5 +1,7 @@
(ns wanijo.schema.middleware (ns wanijo.schema.middleware
(:require [wanijo.schema.domain :as domain] (:require [ring.util.response :as resp]
[wanijo.framework.routing :refer [path]]
[wanijo.schema.domain :as domain]
[wanijo.framework.common :refer [in?]])) [wanijo.framework.common :refer [in?]]))
(defn wrap-user-schemas [handler] (defn wrap-user-schemas [handler]
@ -9,3 +11,17 @@
[:session :schemas] [:session :schemas]
(domain/accessible-schemas! uuid))) (domain/accessible-schemas! uuid)))
(handler req)))) (handler req))))
(defn write-permission-middleware [schema-fn]
(fn [handler]
(fn [req]
(let [uuid (schema-fn req)
check-fn domain/has-user-write-permissions?]
(if (check-fn uuid (get-in req [:session :uuid]))
(handler req)
(assoc
(resp/redirect (path :schema-show {:uuid uuid}))
:flash ["No write permission for schema"]))))))
(defn wrap-allowed-to-write []
(write-permission-middleware #(get-in % [:params :uuid])))

17
src/wanijo/schema/routes.clj
Unescape View File

@ -2,6 +2,7 @@
(:require [compojure.core :refer [defroutes GET POST DELETE] :as comp] (:require [compojure.core :refer [defroutes GET POST DELETE] :as comp]
[ring.util.response :as resp] [ring.util.response :as resp]
[formulare.core :as form] [formulare.core :as form]
[wanijo.schema.middleware :as mw]
[wanijo.framework.view :as view] [wanijo.framework.view :as view]
[wanijo.framework.routing :refer [register! path]] [wanijo.framework.routing :refer [register! path]]
[wanijo.schema.domain :as domain] [wanijo.schema.domain :as domain]
@ -63,20 +64,6 @@
(resp/redirect (path :schema-show (:params req)))) (resp/redirect (path :schema-show (:params req))))
(view! uuid req)))) (view! uuid req))))
(defn write-permission-middleware [schema-fn]
(fn [handler]
(fn [req]
(let [uuid (schema-fn req)
check-fn domain/has-user-write-permissions?]
(if (check-fn uuid (get-in req [:session :uuid]))
(handler req)
(assoc
(resp/redirect (path :schema-show {:uuid uuid}))
:flash ["No write permission for schema"]))))))
(defn wrap-allowed-to-write []
(write-permission-middleware #(get-in % [:params :uuid])))
(defroutes write-routes (defroutes write-routes
(POST (register! :schema-edit "/schema/edit") [] (POST (register! :schema-edit "/schema/edit") []
edit!) edit!)
@ -97,4 +84,4 @@
(POST (register! :schema-new "/schema/new") [] (POST (register! :schema-new "/schema/new") []
new!) new!)
(comp/wrap-routes write-routes (comp/wrap-routes write-routes
(wrap-allowed-to-write))) (mw/wrap-allowed-to-write)))

Write Preview
Loading…
Cancel
Save