add: grant scopes for all community endpoints
This commit is contained in:
parent
ca8f510a3a
commit
c3139ef1d2
10 changed files with 342 additions and 75 deletions
|
|
@ -5,10 +5,10 @@ use axum::{
|
|||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{
|
||||
ApiReturn, Error,
|
||||
auth::Notification,
|
||||
communities::{Community, CommunityMembership},
|
||||
communities_permissions::CommunityPermission,
|
||||
oauth, ApiReturn, Error,
|
||||
};
|
||||
|
||||
use crate::{
|
||||
|
|
@ -44,7 +44,7 @@ pub async fn create_request(
|
|||
Json(req): Json<CreateCommunity>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -73,7 +73,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityDelete) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -95,7 +95,7 @@ pub async fn update_title_request(
|
|||
Json(req): Json<UpdateCommunityTitle>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -117,7 +117,7 @@ pub async fn update_context_request(
|
|||
Json(req): Json<UpdateCommunityContext>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -149,7 +149,7 @@ pub async fn update_read_access_request(
|
|||
Json(req): Json<UpdateCommunityReadAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -174,7 +174,7 @@ pub async fn update_write_access_request(
|
|||
Json(req): Json<UpdateCommunityWriteAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -199,7 +199,7 @@ pub async fn update_join_access_request(
|
|||
Json(req): Json<UpdateCommunityJoinAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -224,7 +224,7 @@ pub async fn update_owner_request(
|
|||
Json(req): Json<UpdateCommunityOwner>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityTransferOwnership) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -255,7 +255,7 @@ pub async fn get_membership(
|
|||
Path((cid, uid)): Path<(usize, usize)>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityReadMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -286,7 +286,7 @@ pub async fn create_membership(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserJoinCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -314,7 +314,7 @@ pub async fn delete_membership(
|
|||
Path((cid, uid)): Path<(usize, usize)>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -341,7 +341,7 @@ pub async fn update_membership_role(
|
|||
Json(req): Json<UpdateMembershipRole>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -449,7 +449,7 @@ pub async fn supports_titles_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
if get_user_from_token!(jar, data).is_none() {
|
||||
if get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities).is_none() {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
|
|
@ -468,3 +468,55 @@ pub async fn supports_titles_request(
|
|||
payload: (),
|
||||
})
|
||||
}
|
||||
|
||||
pub async fn get_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
if get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities).is_none() {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
match data.get_community_by_id_no_void(id).await {
|
||||
Ok(c) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: Some(c),
|
||||
}),
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn get_communities_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
let memberships = match data.get_memberships_by_owner(user.id).await {
|
||||
Ok(p) => p,
|
||||
Err(e) => return Json(e.into()),
|
||||
};
|
||||
|
||||
let mut communities: Vec<Community> = Vec::new();
|
||||
for membership in memberships {
|
||||
let community = match data.get_community_by_id_no_void(membership.community).await {
|
||||
Ok(p) => p,
|
||||
Err(e) => return Json(e.into()),
|
||||
};
|
||||
|
||||
communities.push(community)
|
||||
}
|
||||
|
||||
Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: Some(communities),
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue