mirror of
https://github.com/aykhans/slash-e.git
synced 2025-06-14 20:07:50 +00:00
feat: add public visibility
This commit is contained in:
@ -60,7 +60,9 @@ func aclMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
|
||||
return next(c)
|
||||
}
|
||||
|
||||
if common.HasPrefixes(path, "/api/ping", "/api/status", "/api/user/:id") && c.Request().Method == http.MethodGet {
|
||||
println("path", path)
|
||||
|
||||
if common.HasPrefixes(path, "/api/ping", "/api/status", "/api/user/:id", "/api/workspace/:workspaceName/shortcut/:shortcutName") && c.Request().Method == http.MethodGet {
|
||||
return next(c)
|
||||
}
|
||||
|
||||
|
@ -92,11 +92,6 @@ func (s *Server) registerWorkspaceRoutes(g *echo.Group) {
|
||||
|
||||
g.GET("/workspace/:workspaceName/shortcut/:shortcutName", func(c echo.Context) error {
|
||||
ctx := c.Request().Context()
|
||||
userID, ok := c.Get(getUserIDContextKey()).(int)
|
||||
if !ok {
|
||||
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
||||
}
|
||||
|
||||
workspaceName := c.Param("workspaceName")
|
||||
shortcutName := c.Param("shortcutName")
|
||||
if workspaceName == "" || shortcutName == "" {
|
||||
@ -113,20 +108,6 @@ func (s *Server) registerWorkspaceRoutes(g *echo.Group) {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Errorf("failed to find workspace with name %s", workspaceName)).SetInternal(err)
|
||||
}
|
||||
|
||||
workspaceUser, err := s.Store.FindWordspaceUser(ctx, &api.WorkspaceUserFind{
|
||||
WorkspaceID: &workspace.ID,
|
||||
UserID: &userID,
|
||||
})
|
||||
if err != nil {
|
||||
if common.ErrorCode(err) == common.NotFound {
|
||||
return echo.NewHTTPError(http.StatusNotFound, "workspace user not found")
|
||||
}
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find workspace user").SetInternal(err)
|
||||
}
|
||||
if workspaceUser == nil {
|
||||
return echo.NewHTTPError(http.StatusUnauthorized, "not workspace user")
|
||||
}
|
||||
|
||||
shortcut, err := s.Store.FindShortcut(ctx, &api.ShortcutFind{
|
||||
WorkspaceID: &workspace.ID,
|
||||
Name: &shortcutName,
|
||||
@ -138,6 +119,27 @@ func (s *Server) registerWorkspaceRoutes(g *echo.Group) {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Errorf("failed to find shortcut with name %s", shortcutName)).SetInternal(err)
|
||||
}
|
||||
|
||||
if shortcut.Visibility != api.VisibilityPublic {
|
||||
userID, ok := c.Get(getUserIDContextKey()).(int)
|
||||
if !ok {
|
||||
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
||||
}
|
||||
|
||||
workspaceUser, err := s.Store.FindWordspaceUser(ctx, &api.WorkspaceUserFind{
|
||||
WorkspaceID: &workspace.ID,
|
||||
UserID: &userID,
|
||||
})
|
||||
if err != nil {
|
||||
if common.ErrorCode(err) == common.NotFound {
|
||||
return echo.NewHTTPError(http.StatusNotFound, "workspace user not found")
|
||||
}
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find workspace user").SetInternal(err)
|
||||
}
|
||||
if workspaceUser == nil {
|
||||
return echo.NewHTTPError(http.StatusUnauthorized, "not workspace user")
|
||||
}
|
||||
}
|
||||
|
||||
c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
|
||||
if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(shortcut)); err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode shortcut response").SetInternal(err)
|
||||
|
Reference in New Issue
Block a user