Big refactoring #77
@@ -44,14 +44,6 @@ val converters: ConverterDeclaration = {
|
||||
|
||||
// TODO remove converters of entities
|
||||
|
||||
convert<Constitution> {
|
||||
decode { values, _ ->
|
||||
val id = values.singleOrNull()?.let { UUID.fromString(it) }
|
||||
?: throw InternalError("Cannot convert $values to UUID")
|
||||
get<ConstitutionRepository>().findById(id) ?: throw NotFoundException("Constitution $values not found")
|
||||
}
|
||||
}
|
||||
|
||||
convert<Citizen> {
|
||||
decode { values, _ ->
|
||||
val id = values.singleOrNull()?.let { UUID.fromString(it) }
|
||||
|
||||
@@ -3,6 +3,8 @@ package fr.dcproject.component.constitution
|
||||
import fr.dcproject.component.citizen.CitizenI
|
||||
import fr.dcproject.security.AccessControl
|
||||
import fr.dcproject.security.AccessResponse
|
||||
import fr.postgresjson.entity.EntityCreatedBy
|
||||
import fr.postgresjson.entity.EntityDeletedAt
|
||||
|
||||
class ConstitutionAccessControl : AccessControl() {
|
||||
fun canCreate(subject: ConstitutionS, citizen: CitizenI?): AccessResponse = when {
|
||||
@@ -13,18 +15,18 @@ class ConstitutionAccessControl : AccessControl() {
|
||||
fun <S : ConstitutionSimple<*, *>> canView(subjects: List<S>, citizen: CitizenI?): AccessResponse =
|
||||
canAll(subjects) { canView(it, citizen) }
|
||||
|
||||
fun canView(subject: ConstitutionSimple<*, *>, citizen: CitizenI?): AccessResponse = when {
|
||||
fun <S> canView(subject: S, citizen: CitizenI?): AccessResponse where S: EntityDeletedAt, S: ConstitutionS = when {
|
||||
subject.isDeleted() -> denied("You cannot view a deleted constitution", "constitution.view.deleted")
|
||||
else -> granted()
|
||||
}
|
||||
|
||||
fun canDelete(subject: ConstitutionSimple<*, *>, citizen: CitizenI?): AccessResponse = when {
|
||||
fun <S> canDelete(subject: S, citizen: CitizenI?): AccessResponse where S : EntityCreatedBy<CitizenI>, S : ConstitutionRef = when {
|
||||
citizen == null -> denied("You must be connected to delete constitution", "constitution.delete.notConnected")
|
||||
subject.createdBy.id != citizen.id -> denied("You cannot delete the constitution of other citizen", "constitution.delete.otherCitizen")
|
||||
else -> granted()
|
||||
}
|
||||
|
||||
fun canUpdate(subject: ConstitutionSimple<*, *>, citizen: CitizenI?): AccessResponse = when {
|
||||
fun <S> canUpdate(subject: S, citizen: CitizenI?): AccessResponse where S : EntityCreatedBy<CitizenI>, S : ConstitutionRef = when {
|
||||
citizen == null -> denied("You must be connected to update constitution", "constitution.update.notConnected")
|
||||
subject.createdBy.id != citizen.id -> denied("You cannot update the constitution of other citizen", "constitution.update.otherCitizen")
|
||||
else -> granted()
|
||||
|
||||
@@ -2,24 +2,30 @@ package fr.dcproject.component.constitution.routes
|
||||
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.constitution.ConstitutionAccessControl
|
||||
import fr.dcproject.component.constitution.ConstitutionRef
|
||||
import fr.dcproject.component.constitution.ConstitutionRepository
|
||||
import fr.dcproject.security.assert
|
||||
import io.ktor.application.call
|
||||
import io.ktor.features.NotFoundException
|
||||
import io.ktor.locations.KtorExperimentalLocationsAPI
|
||||
import io.ktor.locations.Location
|
||||
import io.ktor.locations.get
|
||||
import io.ktor.response.respond
|
||||
import io.ktor.routing.Route
|
||||
import fr.dcproject.component.constitution.Constitution as ConstitutionEntity
|
||||
import java.util.UUID
|
||||
|
||||
@KtorExperimentalLocationsAPI
|
||||
object GetConstitution {
|
||||
@Location("/constitutions/{constitution}")
|
||||
class GetConstitutionRequest(val constitution: ConstitutionEntity)
|
||||
class GetConstitutionRequest(constitution: UUID) {
|
||||
val constitution = ConstitutionRef(constitution)
|
||||
}
|
||||
|
||||
fun Route.getConstitution(ac: ConstitutionAccessControl) {
|
||||
fun Route.getConstitution(ac: ConstitutionAccessControl, constitutionRepo: ConstitutionRepository) {
|
||||
get<GetConstitutionRequest> {
|
||||
ac.assert { canView(it.constitution, citizenOrNull) }
|
||||
call.respond(it.constitution)
|
||||
val constitution = constitutionRepo.findById(it.constitution.id) ?: throw NotFoundException("Unable to find constitution ${it.constitution.id}")
|
||||
ac.assert { canView(constitution, citizenOrNull) }
|
||||
call.respond(constitution)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ import org.koin.ktor.ext.get
|
||||
@KtorExperimentalLocationsAPI
|
||||
fun Routing.installConstitutionRoutes() {
|
||||
authenticate(optional = true) {
|
||||
getConstitution(get())
|
||||
getConstitution(get(), get())
|
||||
findConstitutions(get(), get())
|
||||
createConstitution(get(), get())
|
||||
}
|
||||
|
||||
@@ -2,12 +2,15 @@ package fr.dcproject.component.vote.routes
|
||||
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.constitution.ConstitutionRef
|
||||
import fr.dcproject.component.constitution.ConstitutionRepository
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
import fr.dcproject.component.vote.VoteConstitutionRepository
|
||||
import fr.dcproject.component.vote.entity.VoteForUpdate
|
||||
import fr.dcproject.component.vote.routes.VoteConstitution.ConstitutionVoteRequest.Input
|
||||
import fr.dcproject.security.assert
|
||||
import io.ktor.application.call
|
||||
import io.ktor.features.NotFoundException
|
||||
import io.ktor.http.HttpStatusCode
|
||||
import io.ktor.locations.KtorExperimentalLocationsAPI
|
||||
import io.ktor.locations.Location
|
||||
@@ -16,19 +19,22 @@ import io.ktor.request.receive
|
||||
import io.ktor.response.respond
|
||||
import io.ktor.routing.Route
|
||||
import fr.dcproject.component.constitution.Constitution as ConstitutionEntity
|
||||
import java.util.UUID
|
||||
|
||||
@KtorExperimentalLocationsAPI
|
||||
object VoteConstitution {
|
||||
@Location("/constitutions/{constitution}/vote")
|
||||
class ConstitutionVoteRequest(val constitution: ConstitutionEntity) {
|
||||
class ConstitutionVoteRequest(constitution: UUID) {
|
||||
val constitution = ConstitutionRef(constitution)
|
||||
data class Input(var note: Int)
|
||||
}
|
||||
|
||||
fun Route.voteConstitution(repo: VoteConstitutionRepository, ac: VoteAccessControl) {
|
||||
fun Route.voteConstitution(repo: VoteConstitutionRepository, ac: VoteAccessControl, constitutionRepo: ConstitutionRepository) {
|
||||
put<ConstitutionVoteRequest> {
|
||||
val constitution = constitutionRepo.findById(it.constitution.id) ?: throw NotFoundException("Unable to find constitution ${it.constitution.id}")
|
||||
val content = call.receive<Input>()
|
||||
val vote = VoteForUpdate(
|
||||
target = it.constitution,
|
||||
target = constitution,
|
||||
note = content.note,
|
||||
createdBy = this.citizen
|
||||
)
|
||||
|
||||
@@ -17,6 +17,6 @@ fun Routing.installVoteRoutes() {
|
||||
getCitizenVotesOnArticle(get(), get())
|
||||
putVoteOnArticle(get(), get(), get())
|
||||
putVoteOnComment(get(), get(), get())
|
||||
voteConstitution(get(), get())
|
||||
voteConstitution(get(), get(), get())
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user