Realm permission check

This commit is contained in:
LittleSheep 2024-02-09 12:36:39 +08:00
parent 798e78ff8e
commit 012ee55c3a
6 changed files with 92 additions and 20 deletions

View File

@ -8,18 +8,19 @@ import "time"
type Account struct {
BaseModel
Name string `json:"name"`
Nick string `json:"nick"`
Avatar string `json:"avatar"`
Description string `json:"description"`
EmailAddress string `json:"email_address"`
PowerLevel int `json:"power_level"`
Posts []Post `json:"posts" gorm:"foreignKey:AuthorID"`
Attachments []Attachment `json:"attachments" gorm:"foreignKey:AuthorID"`
LikedPosts []PostLike `json:"liked_posts"`
DislikedPosts []PostDislike `json:"disliked_posts"`
Realms []Realm `json:"realms"`
ExternalID uint `json:"external_id"`
Name string `json:"name"`
Nick string `json:"nick"`
Avatar string `json:"avatar"`
Description string `json:"description"`
EmailAddress string `json:"email_address"`
PowerLevel int `json:"power_level"`
Posts []Post `json:"posts" gorm:"foreignKey:AuthorID"`
Attachments []Attachment `json:"attachments" gorm:"foreignKey:AuthorID"`
LikedPosts []PostLike `json:"liked_posts"`
DislikedPosts []PostDislike `json:"disliked_posts"`
RealmIdentities []RealmMember `json:"identities"`
Realms []Realm `json:"realms"`
ExternalID uint `json:"external_id"`
}
type AccountMembership struct {

View File

@ -3,8 +3,17 @@ package models
type Realm struct {
BaseModel
Name string `json:"name"`
Description string `json:"description"`
Posts []Post `json:"posts"`
AccountID uint `json:"account_id"`
Name string `json:"name"`
Description string `json:"description"`
Posts []Post `json:"posts"`
Members []RealmMember `json:"members"`
IsPublic bool `json:"is_public"`
AccountID uint `json:"account_id"`
}
type RealmMember struct {
BaseModel
RealmID uint `json:"realm_id"`
AccountID uint `json:"account_id"`
}

View File

@ -49,13 +49,14 @@ func createRealm(c *fiber.Ctx) error {
var data struct {
Name string `json:"name" validate:"required"`
Description string `json:"description"`
IsPublic bool `json:"is_public"`
}
if err := BindAndValidate(c, &data); err != nil {
return err
}
realm, err := services.NewRealm(user, data.Name, data.Description)
realm, err := services.NewRealm(user, data.Name, data.Description, data.IsPublic)
if err != nil {
return fiber.NewError(fiber.StatusBadRequest, err.Error())
}
@ -63,6 +64,40 @@ func createRealm(c *fiber.Ctx) error {
return c.JSON(realm)
}
func inviteRealm(c *fiber.Ctx) error {
user := c.Locals("principal").(models.Account)
realmId, _ := c.ParamsInt("realmId", 0)
var data struct {
AccountID uint `json:"account_id" validate:"required"`
}
if err := BindAndValidate(c, &data); err != nil {
return err
}
var realm models.Realm
if err := database.C.Where(&models.Realm{
BaseModel: models.BaseModel{ID: uint(realmId)},
AccountID: user.ID,
}).First(&realm).Error; err != nil {
return fiber.NewError(fiber.StatusNotFound, err.Error())
}
var account models.Account
if err := database.C.Where(&models.Account{
BaseModel: models.BaseModel{ID: uint(realmId)},
}).First(&account).Error; err != nil {
return fiber.NewError(fiber.StatusNotFound, err.Error())
}
if err := services.InviteRealmMember(account, realm); err != nil {
return fiber.NewError(fiber.StatusBadRequest, err.Error())
} else {
return c.SendStatus(fiber.StatusOK)
}
}
func editRealm(c *fiber.Ctx) error {
user := c.Locals("principal").(models.Account)
id, _ := c.ParamsInt("realmId", 0)
@ -70,6 +105,7 @@ func editRealm(c *fiber.Ctx) error {
var data struct {
Name string `json:"name" validate:"required"`
Description string `json:"description"`
IsPublic bool `json:"is_public"`
}
if err := BindAndValidate(c, &data); err != nil {
@ -84,7 +120,7 @@ func editRealm(c *fiber.Ctx) error {
return fiber.NewError(fiber.StatusNotFound, err.Error())
}
realm, err := services.EditRealm(realm, data.Name, data.Description)
realm, err := services.EditRealm(realm, data.Name, data.Description, data.IsPublic)
if err != nil {
return fiber.NewError(fiber.StatusBadRequest, err.Error())
}

View File

@ -80,6 +80,7 @@ func NewServer() {
api.Get("/realms/me", auth, listOwnedRealm)
api.Get("/realms/:realmId", getRealm)
api.Post("/realms", auth, createRealm)
api.Post("/realms/:realmId/invite", auth, inviteRealm)
api.Put("/realms/:realmId", auth, editRealm)
api.Delete("/realms/:realmId", auth, deleteRealm)
}

View File

@ -151,6 +151,15 @@ func NewPost(
var realmId *uint
if realm != nil {
if !realm.IsPublic {
var member models.RealmMember
if err := database.C.Where(&models.RealmMember{
RealmID: *realmId,
AccountID: user.ID,
}).First(&member).Error; err != nil {
return post, fmt.Errorf("you aren't a part of that realm")
}
}
realmId = &realm.ID
}

View File

@ -23,11 +23,15 @@ func ListRealmWithUser(user models.Account) ([]models.Realm, error) {
return realms, nil
}
func NewRealm(user models.Account, name, description string) (models.Realm, error) {
func NewRealm(user models.Account, name, description string, isPublic bool) (models.Realm, error) {
realm := models.Realm{
Name: name,
Description: description,
AccountID: user.ID,
IsPublic: isPublic,
Members: []models.RealmMember{
{AccountID: user.ID},
},
}
err := database.C.Save(&realm).Error
@ -35,9 +39,21 @@ func NewRealm(user models.Account, name, description string) (models.Realm, erro
return realm, err
}
func EditRealm(realm models.Realm, name, description string) (models.Realm, error) {
func InviteRealmMember(user models.Account, target models.Realm) error {
member := models.RealmMember{
RealmID: target.ID,
AccountID: user.ID,
}
err := database.C.Save(&member).Error
return err
}
func EditRealm(realm models.Realm, name, description string, isPublic bool) (models.Realm, error) {
realm.Name = name
realm.Description = description
realm.IsPublic = isPublic
err := database.C.Save(&realm).Error