DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

improve security.

Browse Source
This commit is contained in:
Fabrice Lecomte
2019-08-30 22:32:30 +02:00
parent f5bff403f0
commit 9e88b33595
14 changed files with 109 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/kotlin/fr/dcproject/routes/Article.kt
View File

@@ -16,7 +16,6 @@ import io.ktor.routing.Route
import fr.dcproject.entity.Article as ArticleEntity
import fr.dcproject.repository.Article as ArticleRepository
@KtorExperimentalLocationsAPI
object ArticlesPaths {
@Location("/articles") class ArticlesRequest(page: Int = 1, limit: Int = 50, val sort: String? = null, val direction: RepositoryI.Direction? = null, val search: String? = null) {
@@ -30,9 +29,8 @@ object ArticlesPaths {
@KtorExperimentalLocationsAPI
fun Route.article(repo: ArticleRepository) {
get<ArticlesPaths.ArticlesRequest> {
assertCan(VIEW)
val articles = repo.find(it.page, it.limit, it.sort, it.direction, it.search)
assertCan(VIEW, articles.result)
call.respond(articles)
}
@@ -43,11 +41,11 @@ fun Route.article(repo: ArticleRepository) {
}
post<ArticlesPaths.PostArticleRequest> {
assertCan(CREATE)
val article = call.receive<ArticleEntity>()
article.createdBy = citizen
assertCan(CREATE, article)
repo.upsert(article)
call.respond(article)