read permission check

integration-tests
Josha von Gizycki 6 years ago
parent 29228853dc
commit e6aa0707e5

@ -14,12 +14,11 @@
(view/list! (domain-schema/find-by-uuid! schema-uuid) (view/list! (domain-schema/find-by-uuid! schema-uuid)
(domain/find-by-schema! schema-uuid) (domain/find-by-schema! schema-uuid)
(forms-inst/instance-form schema-uuid) (forms-inst/instance-form schema-uuid)
(new-form schema-uuid)
req)) req))
(defn new! [req] (defn new! [req]
(let [schema-uuid (get-in req [:params :schema-uuid]) (let [schema-uuid (get-in req [:params :schema-uuid])
form-def (new-form schema-uuid)] form-def (forms-inst/instance-form schema-uuid)]
(if (form/valid? form-def req) (if (form/valid? form-def req)
(let [form-data (form/form-data form-def req) (let [form-data (form/form-data form-def req)
req-attrs (domain-attr/required! schema-uuid) req-attrs (domain-attr/required! schema-uuid)
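Review bot: The handlers in this hunk select data by `schema-uuid` taken from `[:params :schema-uuid]`, and no permission check on that schema is visible here; the read check this commit introduces is attached only to `/schema/:uuid`. If these routes are not wrapped elsewhere, a user without read permission on a schema could still reach its instance list and `new!` through them. The new middleware takes an extractor function, so wrapping these routes with `(wrap-allowed-to-read #(get-in % [:params :schema-uuid]))` looks like it would close that gap. Both function bodies start or end outside the hunk, and the route definitions for this file are not shown, so this is inferred.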

@ -10,6 +10,7 @@
(spec/def ::assigned-to (spec/def ::assigned-to
(spec/or :public empty? (spec/or :public empty?
:assigned-single ::neo4j/uuid
:assigned (spec/coll-of ::neo4j/uuid))) :assigned (spec/coll-of ::neo4j/uuid)))
(neo4j/defquery (neo4j/defquery
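Review bot: The added `:assigned-single ::neo4j/uuid` branch sits after `:public empty?`, so `empty?` is applied to a bare uuid before the new branch is tried. If `::neo4j/uuid` values are strings this works, but `""` then conforms as `:public`, and a non-seqable uuid value would make `empty?` throw instead of falling through. Because `:public` widens who may read a schema, I would add a comment above the spec stating which inputs are meant to count as public, e.g. `;; :public = nil or empty collection; a single uuid or a collection of uuids restricts access`. Code that consumes `::assigned-to` as a collection also has to handle the single-uuid form; that code is not visible in this hunk.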

@ -24,3 +24,13 @@
(defn wrap-allowed-to-write [] (defn wrap-allowed-to-write []
(write-permission-middleware #(get-in % [:params :uuid]))) (write-permission-middleware #(get-in % [:params :uuid])))
(defn wrap-allowed-to-read [schema-fn]
(fn [handler]
(fn [req]
(let [uuid (schema-fn req)
check-fn domain/has-user-read-permissions?]
(if (check-fn uuid (get-in req [:session :uuid]))
(handler req)
(assoc (resp/redirect (path :schema-overview))
:flash ["No read permission for schema"]))))))
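Review bot: `wrap-allowed-to-read` passes whatever `(schema-fn req)` returns straight to the check, so a nil uuid (extractor key not present on the request) is decided entirely by `domain/has-user-read-permissions?`, whose behaviour for nil is not visible here. Failing closed in the middleware removes that dependency: `(if (and uuid (check-fn uuid (get-in req [:session :uuid])))`. The `check-fn` binding only aliases one function and could be dropped in favour of calling it directly. A docstring should say that `schema-fn` maps the request to the schema uuid and that denial is a redirect to `:schema-overview` with a flash message rather than an error status.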

@ -75,13 +75,18 @@
[uuid :as req] [uuid :as req]
(delete-schema! uuid (:session req)))) (delete-schema! uuid (:session req))))
(defroutes read-routes
(GET (register! :schema-show "/schema/:uuid")
[uuid :as req]
(view! uuid req)))
(defroutes routes (defroutes routes
(GET (register! :schema-overview "/schema") [] (GET (register! :schema-overview "/schema") []
schema-view/overview!) schema-view/overview!)
(GET (register! :schema-show "/schema/:uuid")
[uuid :as req]
(view! uuid req))
(POST (register! :schema-new "/schema/new") [] (POST (register! :schema-new "/schema/new") []
new!) new!)
(comp/wrap-routes read-routes
(mw/wrap-allowed-to-read
#(get-in % [:route-params :uuid])))
(comp/wrap-routes write-routes (comp/wrap-routes write-routes
(mw/wrap-allowed-to-write))) (mw/wrap-allowed-to-write)))
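Review bot: Nothing on `read-routes` says that it is the enforcement point for read access; `view!` is protected only because its route was moved into this group, so a route added later directly to `routes` that renders a schema by uuid would skip `wrap-allowed-to-read`. I would add a comment above `(defroutes read-routes`, e.g. `;; routes that render a schema by :uuid; wrapped with mw/wrap-allowed-to-read in routes`. The read extractor uses `[:route-params :uuid]` while the write middleware reads `[:params :uuid]`; a short comment on why they differ, or using the same key in both, would make the two checks easier to compare.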

@ -13,7 +13,7 @@
uuid (:uuid session) uuid (:uuid session)
schemas (domain/all-created-by! uuid)] schemas (domain/all-created-by! uuid)]
(view/layout! (view/layout!
:session session :request req
:content :content
[[:h1 "All schemas"] [[:h1 "All schemas"]
[:table [:table
