From 0bbe37c6d580e0a0734b4e0ebc0351508d8fda56 Mon Sep 17 00:00:00 2001 From: Fabrice Lecomte Date: Fri, 5 Feb 2021 23:13:37 +0100 Subject: [PATCH] Remove converter for CitizenRef --- src/main/kotlin/application/Converters.kt | 8 -------- .../routes/constitution/GetMyFollowsConstitution.kt | 5 ++++- .../component/opinion/OpinionAccessControl.kt | 10 ++++++++-- .../opinion/routes/GetMyOpinionsArticle.kt | 13 ++++++++++--- 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/src/main/kotlin/application/Converters.kt b/src/main/kotlin/application/Converters.kt index b138692..2717741 100644 --- a/src/main/kotlin/application/Converters.kt +++ b/src/main/kotlin/application/Converters.kt @@ -52,14 +52,6 @@ val converters: ConverterDeclaration = { } } - convert { - decode { values, _ -> - values.singleOrNull()?.let { - CitizenRef(UUID.fromString(it)) - } ?: throw NotFoundException("""UUID "$values" is not valid for Citizen""") - } - } - convert { decode { values, _ -> val id = values.singleOrNull()?.let { UUID.fromString(it) } diff --git a/src/main/kotlin/component/follow/routes/constitution/GetMyFollowsConstitution.kt b/src/main/kotlin/component/follow/routes/constitution/GetMyFollowsConstitution.kt index 7bb15a0..dd8b28f 100644 --- a/src/main/kotlin/component/follow/routes/constitution/GetMyFollowsConstitution.kt +++ b/src/main/kotlin/component/follow/routes/constitution/GetMyFollowsConstitution.kt @@ -11,11 +11,14 @@ import io.ktor.locations.Location import io.ktor.locations.get import io.ktor.response.respond import io.ktor.routing.Route +import java.util.UUID @KtorExperimentalLocationsAPI object GetMyFollowsConstitution { @Location("/citizens/{citizen}/follows/constitutions") - class CitizenFollowConstitutionRequest(val citizen: CitizenRef) + class CitizenFollowConstitutionRequest(citizen: UUID) { + val citizen = CitizenRef(citizen) + } fun Route.getMyFollowsConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) { get { diff --git a/src/main/kotlin/component/opinion/OpinionAccessControl.kt b/src/main/kotlin/component/opinion/OpinionAccessControl.kt index c8dcc92..f8ff669 100644 --- a/src/main/kotlin/component/opinion/OpinionAccessControl.kt +++ b/src/main/kotlin/component/opinion/OpinionAccessControl.kt @@ -1,7 +1,9 @@ package fr.dcproject.component.opinion import fr.dcproject.common.entity.HasTarget +import fr.dcproject.common.entity.TargetRef import fr.dcproject.component.citizen.CitizenI +import fr.dcproject.component.opinion.entity.Opinion import fr.dcproject.component.opinion.entity.OpinionI import fr.dcproject.security.AccessControl import fr.dcproject.security.AccessResponse @@ -22,10 +24,14 @@ class OpinionAccessControl : AccessControl() { } } - fun > canView(subjects: SS, citizen: CitizenI?): AccessResponse = + fun , C: CitizenI> canView(subjects: SS, citizen: CitizenI?): AccessResponse where S : OpinionI, S : EntityCreatedBy = canAll(subjects) { canView(it, citizen) } - fun canView(subject: S, citizen: CitizenI?): AccessResponse = granted() + fun canView(subject: S, citizen: CitizenI?): AccessResponse where S : OpinionI, S : EntityCreatedBy = when { + citizen == null -> denied("You must be connected to delete opinion", "opinion.delete.notConnected") + subject.createdBy.id != citizen.id -> denied("You cannot view opinions of other citizen", "opinion.view.otherCitizen") + else -> granted() + } fun canDelete(subject: S, citizen: CitizenI?): AccessResponse where S : EntityCreatedBy, S : OpinionI = when { citizen == null -> denied("You must be connected to delete opinion", "opinion.delete.notConnected") diff --git a/src/main/kotlin/component/opinion/routes/GetMyOpinionsArticle.kt b/src/main/kotlin/component/opinion/routes/GetMyOpinionsArticle.kt index cf3f513..fd2011a 100644 --- a/src/main/kotlin/component/opinion/routes/GetMyOpinionsArticle.kt +++ b/src/main/kotlin/component/opinion/routes/GetMyOpinionsArticle.kt @@ -1,12 +1,16 @@ package fr.dcproject.component.opinion.routes +import fr.dcproject.common.entity.TargetRef import fr.dcproject.component.auth.citizen import fr.dcproject.component.auth.citizenOrNull +import fr.dcproject.component.citizen.CitizenBasicI import fr.dcproject.component.citizen.CitizenRef import fr.dcproject.component.opinion.OpinionAccessControl +import fr.dcproject.component.opinion.entity.Opinion import fr.dcproject.routes.PaginatedRequest import fr.dcproject.routes.PaginatedRequestI import fr.dcproject.security.assert +import fr.postgresjson.connexion.Paginated import io.ktor.application.call import io.ktor.locations.KtorExperimentalLocationsAPI import io.ktor.locations.Location @@ -14,6 +18,7 @@ import io.ktor.locations.get import io.ktor.response.respond import io.ktor.routing.Route import fr.dcproject.component.opinion.OpinionRepositoryArticle as OpinionArticleRepository +import java.util.UUID @KtorExperimentalLocationsAPI object GetMyOpinionsArticle { @@ -22,14 +27,16 @@ object GetMyOpinionsArticle { */ @Location("/citizens/{citizen}/opinions/articles") class CitizenOpinionsArticleRequest( - val citizen: CitizenRef, + citizen: UUID, page: Int = 1, limit: Int = 50 - ) : PaginatedRequestI by PaginatedRequest(page, limit) + ) : PaginatedRequestI by PaginatedRequest(page, limit) { + val citizen = CitizenRef(citizen) + } fun Route.getMyOpinionsArticle(repo: OpinionArticleRepository, ac: OpinionAccessControl) { get { - val opinions = repo.findCitizenOpinions(citizen, it.page, it.limit) + val opinions: Paginated> = repo.findCitizenOpinions(citizen, it.page, it.limit) ac.assert { canView(opinions.result, citizenOrNull) } call.respond(opinions) }