DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Rename Voter to AccessControl

Browse Source
This commit is contained in:
Fabrice Lecomte
2021-01-22 22:07:25 +01:00
parent c1b8b508ac
commit 49a03a57cb
63 changed files with 462 additions and 462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/kotlin/component/follow/FollowVoter.kt → src/main/kotlin/component/follow/FollowAccessControl.kt
View File

@@ -1,25 +1,25 @@
package fr.dcproject.component.follow
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.voter.Voter
import fr.dcproject.voter.VoterResponse
import fr.dcproject.security.AccessControl
import fr.dcproject.security.AccessResponse
import fr.dcproject.component.follow.Follow as FollowEntity
class FollowVoter : Voter() {
fun canCreate(subject: FollowI, citizen: CitizenI?): VoterResponse {
class FollowAccessControl : AccessControl() {
fun canCreate(subject: FollowI, citizen: CitizenI?): AccessResponse {
return if (citizen == null) denied("You must be connected to follow", "follow.create.notConnected")
else granted()
}
fun canDelete(subject: FollowI, citizen: CitizenI?): VoterResponse {
fun canDelete(subject: FollowI, citizen: CitizenI?): AccessResponse {
return if (citizen == null) denied("You must be connected to unfollow", "follow.delete.notConnected")
else granted()
}
fun <S : FollowEntity<*>> canView(subjects: List<S>, citizen: CitizenI?): VoterResponse =
fun <S : FollowEntity<*>> canView(subjects: List<S>, citizen: CitizenI?): AccessResponse =
canAll(subjects) { canView(it, citizen) }
fun canView(subject: FollowEntity<*>, citizen: CitizenI?): VoterResponse {
fun canView(subject: FollowEntity<*>, citizen: CitizenI?): AccessResponse {
return if ((citizen != null && subject.createdBy.id == citizen.id) || !subject.createdBy.followAnonymous) granted()
else denied("You cannot view an anonymous follow", "follow.view.anonymous")
}

8
src/main/kotlin/component/follow/routes/article/FollowArticle.kt
View File

@@ -3,10 +3,10 @@ package fr.dcproject.component.follow.routes.article
import fr.dcproject.component.article.ArticleRef
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowArticleRepository
import fr.dcproject.component.follow.FollowForUpdate
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -20,10 +20,10 @@ object FollowArticle {
@Location("/articles/{article}/follows")
class ArticleFollowRequest(val article: ArticleRef)
fun Route.followArticle(repo: FollowArticleRepository, voter: FollowVoter) {
fun Route.followArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
post<ArticleFollowRequest> {
val follow = FollowForUpdate(target = it.article, createdBy = this.citizen)
voter.assert { canCreate(follow, citizenOrNull) }
ac.assert { canCreate(follow, citizenOrNull) }
repo.follow(follow)
call.respond(HttpStatusCode.Created)
}

8
src/main/kotlin/component/follow/routes/article/GetFollowArticle.kt
View File

@@ -3,9 +3,9 @@ package fr.dcproject.component.follow.routes.article
import fr.dcproject.component.article.ArticleRef
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowArticleRepository
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -19,10 +19,10 @@ object GetFollowArticle {
@Location("/articles/{article}/follows")
class ArticleFollowRequest(val article: ArticleRef)
fun Route.getFollowArticle(repo: FollowArticleRepository, voter: FollowVoter) {
fun Route.getFollowArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
get<ArticleFollowRequest> {
repo.findFollow(citizen, it.article)?.let { follow ->
voter.assert { canView(follow, citizenOrNull) }
ac.assert { canView(follow, citizenOrNull) }
call.respond(follow)
} ?: call.respond(HttpStatusCode.NoContent)
}

8
src/main/kotlin/component/follow/routes/article/GetMyFollowsArticle.kt
View File

@@ -2,9 +2,9 @@ package fr.dcproject.component.follow.routes.article
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.citizen.Citizen
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowArticleRepository
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.locations.KtorExperimentalLocationsAPI
import io.ktor.locations.Location
@@ -17,10 +17,10 @@ object GetMyFollowsArticle {
@Location("/citizens/{citizen}/follows/articles")
class CitizenFollowArticleRequest(val citizen: Citizen)
fun Route.getMyFollowsArticle(repo: FollowArticleRepository, voter: FollowVoter) {
fun Route.getMyFollowsArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
get<CitizenFollowArticleRequest> {
val follows = repo.findByCitizen(it.citizen)
voter.assert { canView(follows.result, citizenOrNull) }
ac.assert { canView(follows.result, citizenOrNull) }
call.respond(follows)
}
}

8
src/main/kotlin/component/follow/routes/article/UnfollowArticle.kt
View File

@@ -3,10 +3,10 @@ package fr.dcproject.component.follow.routes.article
import fr.dcproject.component.article.ArticleRef
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowArticleRepository
import fr.dcproject.component.follow.FollowForUpdate
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -20,10 +20,10 @@ object UnfollowArticle {
@Location("/articles/{article}/follows")
class ArticleFollowRequest(val article: ArticleRef)
fun Route.unfollowArticle(repo: FollowArticleRepository, voter: FollowVoter) {
fun Route.unfollowArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
delete<ArticleFollowRequest> {
val follow = FollowForUpdate(target = it.article, createdBy = this.citizen)
voter.assert { canDelete(follow, citizenOrNull) }
ac.assert { canDelete(follow, citizenOrNull) }
repo.unfollow(follow)
call.respond(HttpStatusCode.NoContent)
}

8
src/main/kotlin/component/follow/routes/constitution/FollowConstitution.kt
View File

@@ -2,11 +2,11 @@ package fr.dcproject.component.follow.routes.constitution
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowConstitutionRepository
import fr.dcproject.component.follow.FollowForUpdate
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.entity.ConstitutionRef
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -20,10 +20,10 @@ object FollowConstitution {
@Location("/constitutions/{constitution}/follows")
class ConstitutionFollowRequest(val constitution: ConstitutionRef)
fun Route.followConstitution(repo: FollowConstitutionRepository, voter: FollowVoter) {
fun Route.followConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
post<ConstitutionFollowRequest> {
val follow = FollowForUpdate(target = it.constitution, createdBy = this.citizen)
voter.assert { canCreate(follow, citizenOrNull) }
ac.assert { canCreate(follow, citizenOrNull) }
repo.follow(follow)
call.respond(HttpStatusCode.Created)
}

8
src/main/kotlin/component/follow/routes/constitution/GetFollowConstitution.kt
View File

@@ -2,10 +2,10 @@ package fr.dcproject.component.follow.routes.constitution
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowConstitutionRepository
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.entity.ConstitutionRef
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -19,10 +19,10 @@ object GetFollowConstitution {
@Location("/constitutions/{constitution}/follows")
class ConstitutionFollowRequest(val constitution: ConstitutionRef)
fun Route.getFollowConstitution(repo: FollowConstitutionRepository, voter: FollowVoter) {
fun Route.getFollowConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
get<ConstitutionFollowRequest> {
repo.findFollow(citizen, it.constitution)?.let { follow ->
voter.assert { canView(follow, citizenOrNull) }
ac.assert { canView(follow, citizenOrNull) }
call.respond(follow)
} ?: call.respond(HttpStatusCode.NotFound)
}

8
src/main/kotlin/component/follow/routes/constitution/GetMyFollowsConstitution.kt
View File

@@ -2,9 +2,9 @@ package fr.dcproject.component.follow.routes.constitution
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.citizen.CitizenRef
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowConstitutionRepository
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.locations.KtorExperimentalLocationsAPI
import io.ktor.locations.Location
@@ -17,10 +17,10 @@ object GetMyFollowsConstitution {
@Location("/citizens/{citizen}/follows/constitutions")
class CitizenFollowConstitutionRequest(val citizen: CitizenRef)
fun Route.getMyFollowsConstitution(repo: FollowConstitutionRepository, voter: FollowVoter) {
fun Route.getMyFollowsConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
get<CitizenFollowConstitutionRequest> {
val follows = repo.findByCitizen(it.citizen)
voter.assert { canView(follows.result, citizenOrNull) }
ac.assert { canView(follows.result, citizenOrNull) }
call.respond(follows)
}
}

8
src/main/kotlin/component/follow/routes/constitution/UnfollowConstitution.kt
View File

@@ -2,11 +2,11 @@ package fr.dcproject.component.follow.routes.constitution
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.component.follow.FollowConstitutionRepository
import fr.dcproject.component.follow.FollowForUpdate
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.entity.ConstitutionRef
import fr.dcproject.voter.assert
import fr.dcproject.security.assert
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -20,10 +20,10 @@ object UnfollowConstitution {
@Location("/constitutions/{constitution}/follows")
class ConstitutionUnfollowRequest(val constitution: ConstitutionRef)
fun Route.unfollowConstitution(repo: FollowConstitutionRepository, voter: FollowVoter) {
fun Route.unfollowConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
delete<ConstitutionUnfollowRequest> {
val follow = FollowForUpdate(target = it.constitution, createdBy = this.citizen)
voter.assert { canDelete(follow, citizenOrNull) }
ac.assert { canDelete(follow, citizenOrNull) }
repo.unfollow(follow)
call.respond(HttpStatusCode.NoContent)
}