Skip to content

Commit 3556ae4

Browse files
authored
fix: access control (#870)
1 parent f888c62 commit 3556ae4

14 files changed

+276
-235
lines changed

Diff for: api/memo.go

+4-4
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ type Memo struct {
4646

4747
type MemoCreate struct {
4848
// Standard fields
49-
CreatorID int
49+
CreatorID int `json:"-"`
5050

5151
// Domain specific fields
5252
Visibility Visibility `json:"visibility"`
@@ -73,11 +73,11 @@ type MemoPatch struct {
7373
}
7474

7575
type MemoFind struct {
76-
ID *int `json:"id"`
76+
ID *int
7777

7878
// Standard fields
79-
RowStatus *RowStatus `json:"rowStatus"`
80-
CreatorID *int `json:"creatorId"`
79+
RowStatus *RowStatus
80+
CreatorID *int
8181

8282
// Domain specific fields
8383
Pinned *bool

Diff for: api/memo_organizer.go

+5-5
Original file line numberDiff line numberDiff line change
@@ -9,15 +9,15 @@ type MemoOrganizer struct {
99
Pinned bool
1010
}
1111

12-
type MemoOrganizerFind struct {
13-
MemoID int
14-
UserID int
12+
type MemoOrganizerUpsert struct {
13+
MemoID int `json:"-"`
14+
UserID int `json:"-"`
15+
Pinned bool `json:"pinned"`
1516
}
1617

17-
type MemoOrganizerUpsert struct {
18+
type MemoOrganizerFind struct {
1819
MemoID int
1920
UserID int
20-
Pinned bool `json:"pinned"`
2121
}
2222

2323
type MemoOrganizerDelete struct {

Diff for: api/memo_resource.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ type MemoResource struct {
88
}
99

1010
type MemoResourceUpsert struct {
11-
MemoID int
11+
MemoID int `json:"-"`
1212
ResourceID int
1313
UpdatedTs *int64
1414
}

Diff for: api/resource.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ type Resource struct {
2020

2121
type ResourceCreate struct {
2222
// Standard fields
23-
CreatorID int
23+
CreatorID int `json:"-"`
2424

2525
// Domain specific fields
2626
Filename string `json:"filename"`

Diff for: api/shortcut.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ type Shortcut struct {
1616

1717
type ShortcutCreate struct {
1818
// Standard fields
19-
CreatorID int
19+
CreatorID int `json:"-"`
2020

2121
// Domain specific fields
2222
Title string `json:"title"`

Diff for: api/tag.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ type Tag struct {
77

88
type TagUpsert struct {
99
Name string
10-
CreatorID int
10+
CreatorID int `json:"-"`
1111
}
1212

1313
type TagFind struct {

Diff for: api/user_setting.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ type UserSetting struct {
5050
}
5151

5252
type UserSettingUpsert struct {
53-
UserID int
53+
UserID int `json:"-"`
5454
Key UserSettingKey `json:"key"`
5555
Value string `json:"value"`
5656
}

Diff for: server/auth.go

+3-3
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
8484
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find host user").SetInternal(err)
8585
}
8686
if signup.Role == api.Host && hostUser != nil {
87-
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly.").SetInternal(err)
87+
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly").SetInternal(err)
8888
}
8989

9090
systemSettingAllowSignUpName := api.SystemSettingAllowSignUpName
@@ -103,7 +103,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
103103
}
104104
}
105105
if !allowSignUpSettingValue && hostUser != nil {
106-
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly.").SetInternal(err)
106+
return echo.NewHTTPError(http.StatusUnauthorized, "Site Host existed, please contact the site host to signin account firstly").SetInternal(err)
107107
}
108108

109109
userCreate := &api.UserCreate{
@@ -114,7 +114,7 @@ func (s *Server) registerAuthRoutes(g *echo.Group) {
114114
OpenID: common.GenUUID(),
115115
}
116116
if err := userCreate.Validate(); err != nil {
117-
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format.").SetInternal(err)
117+
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err)
118118
}
119119

120120
passwordHash, err := bcrypt.GenerateFromPassword([]byte(signup.Password), bcrypt.DefaultCost)

0 commit comments

Comments
 (0)