DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Refactoring of updateOpinions (route/repo/query)

Browse Source 
Can nw be set multiple opinion on sigle query
fix OpinionVoter on CREATE
This commit is contained in:
Fabrice Lecomte
2020-03-22 00:53:08 +01:00
parent 479793503c
commit 589b6f5245
10 changed files with 151 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/kotlin/fr/dcproject/security/voter/OpinionVoter.kt
View File

@@ -1,5 +1,6 @@
package fr.dcproject.security.voter
import fr.dcproject.entity.ArticleAuthI
import fr.dcproject.entity.Opinion
import io.ktor.application.ApplicationCall
@@ -12,13 +13,17 @@ class OpinionVoter : Voter {
override fun supports(action: ActionI, call: ApplicationCall, subject: Any?): Boolean {
return (action is Action)
.and(subject is Opinion<*>?)
.and(subject is Opinion<*>? || subject is ArticleAuthI<*>)
}
override fun vote(action: ActionI, call: ApplicationCall, subject: Any?): Vote {
val user = call.user
if (action == Action.CREATE) {
return if (user != null) Vote.GRANTED else Vote.DENIED
return if (user != null && (
(subject is ArticleAuthI<*> && !subject.isDeleted()) ||
(subject is Opinion<*> && subject.createdBy.user.id == user.id)
)) Vote.GRANTED
else Vote.DENIED
}
if (action == Action.VIEW) {

9
src/main/kotlin/fr/dcproject/security/voter/Voter.kt
View File

@@ -38,14 +38,15 @@ enum class Vote {
private val votersAttributeKey = AttributeKey<List<Voter>>("voters")
fun ApplicationCall.assertCan(action: ActionI, subject: Any? = null) {
if (!can(action, subject)) {
fun ApplicationCall.assertCan(action: ActionI, subject: Any? = null, agreeIfNullOrEmpty: Boolean = true) {
val isNullOrEmpty = (subject == null || (subject is Collection<*> && subject.isNullOrEmpty()))
if (!can(action, subject) && !agreeIfNullOrEmpty && isNullOrEmpty) {
throw UnauthorizedException(action)
}
}
fun PipelineContext<Unit, ApplicationCall>.assertCan(action: ActionI, subject: Any? = null) =
context.assertCan(action, subject)
fun PipelineContext<Unit, ApplicationCall>.assertCan(action: ActionI, subject: Any? = null, agreeIfNullOrEmpty: Boolean = true) =
context.assertCan(action, subject, agreeIfNullOrEmpty)
fun PipelineContext<Unit, ApplicationCall>.can(action: ActionI, subject: Any? = null) =
context.can(action, subject)