Skip to content

Commit

Permalink
fix: access control (#870)
Browse files Browse the repository at this point in the history
  • Loading branch information
boojack committed Dec 28, 2022
1 parent f888c62 commit 3556ae4
Show file tree
Hide file tree
Showing 14 changed files with 276 additions and 235 deletions.
8 changes: 4 additions & 4 deletions api/memo.go
Expand Up @@ -46,7 +46,7 @@ type Memo struct {

type MemoCreate struct {
// Standard fields
CreatorID int
CreatorID int `json:"-"`

// Domain specific fields
Visibility Visibility `json:"visibility"`
Expand All @@ -73,11 +73,11 @@ type MemoPatch struct {
}

type MemoFind struct {
ID *int `json:"id"`
ID *int

// Standard fields
RowStatus *RowStatus `json:"rowStatus"`
CreatorID *int `json:"creatorId"`
RowStatus *RowStatus
CreatorID *int

// Domain specific fields
Pinned *bool
Expand Down
10 changes: 5 additions & 5 deletions api/memo_organizer.go
Expand Up @@ -9,15 +9,15 @@ type MemoOrganizer struct {
Pinned bool
}

type MemoOrganizerFind struct {
MemoID int
UserID int
type MemoOrganizerUpsert struct {
MemoID int `json:"-"`
UserID int `json:"-"`
Pinned bool `json:"pinned"`
}

type MemoOrganizerUpsert struct {
type MemoOrganizerFind struct {
MemoID int
UserID int
Pinned bool `json:"pinned"`
}

type MemoOrganizerDelete struct {
Expand Down
2 changes: 1 addition & 1 deletion api/memo_resource.go
Expand Up @@ -8,7 +8,7 @@ type MemoResource struct {
}

type MemoResourceUpsert struct {
MemoID int
MemoID int `json:"-"`
ResourceID int
UpdatedTs *int64
}
Expand Down
2 changes: 1 addition & 1 deletion api/resource.go
Expand Up @@ -20,7 +20,7 @@ type Resource struct {

type ResourceCreate struct {
// Standard fields
CreatorID int
CreatorID int `json:"-"`

// Domain specific fields
Filename string `json:"filename"`
Expand Down
2 changes: 1 addition & 1 deletion api/shortcut.go
Expand Up @@ -16,7 +16,7 @@ type Shortcut struct {

type ShortcutCreate struct {
// Standard fields
CreatorID int
CreatorID int `json:"-"`

// Domain specific fields
Title string `json:"title"`
Expand Down
2 changes: 1 addition & 1 deletion api/tag.go
Expand Up @@ -7,7 +7,7 @@ type Tag struct {

type TagUpsert struct {
Name string
CreatorID int
CreatorID int `json:"-"`
}

type TagFind struct {
Expand Down
2 changes: 1 addition & 1 deletion api/user_setting.go
Expand Up @@ -50,7 +50,7 @@ type UserSetting struct {
}

type UserSettingUpsert struct {
UserID int
UserID int `json:"-"`
Key UserSettingKey `json:"key"`
Value string `json:"value"`
}
Expand Down
6 changes: 3 additions & 3 deletions server/auth.go
Expand Up @@ -84,7 +84,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find host user").SetInternal(err)
}
if signup.Role == api.Host && hostUser != nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly.").SetInternal(err)
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly").SetInternal(err)
}

systemSettingAllowSignUpName := api.SystemSettingAllowSignUpName
Expand All @@ -103,7 +103,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
}
}
if !allowSignUpSettingValue && hostUser != nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly.").SetInternal(err)
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly").SetInternal(err)
}

userCreate := &api.UserCreate{
Expand All @@ -114,7 +114,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
OpenID: common.GenUUID(),
}
if err := userCreate.Validate(); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format.").SetInternal(err)
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err)
}

passwordHash, err := bcrypt.GenerateFromPassword([]byte(signup.Password), bcrypt.DefaultCost)
Expand Down

0 comments on commit 3556ae4

Please sign in to comment.