aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-07-07 05:32:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: update acl config

Browse Source
This commit is contained in:
Steven
2023-11-12 01:43:56 +08:00
parent 8f608dc522
commit 626b0df21c
7 changed files with 412 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
api/v2/acl_config.go
View File

@ -3,8 +3,10 @@ package v2
import "strings"
var allowedMethodsWhenUnauthorized = map[string]bool{
"/slash.api.v2.WorkspaceService/GetWorkspaceProfile": true,
"/slash.api.v2.WorkspaceService/GetWorkspaceSetting": true,
"/slash.api.v2.WorkspaceService/GetWorkspaceProfile": true,
"/slash.api.v2.WorkspaceService/GetWorkspaceSetting": true,
"/slash.api.v2.ShortcutService/GetShortcut": true,
"/slash.api.v2.CollectionService/GetCollectionByName": true,
}
// isUnauthorizeAllowedMethod returns true if the method is allowed to be called when the user is not authorized.

27
api/v2/collection_service.go
View File

@ -54,6 +54,33 @@ func (s *APIV2Service) GetCollection(ctx context.Context, request *apiv2pb.GetCo
return response, nil
}
func (s *APIV2Service) GetCollectionByName(ctx context.Context, request *apiv2pb.GetCollectionByNameRequest) (*apiv2pb.GetCollectionByNameResponse, error) {
collection, err := s.Store.GetCollection(ctx, &store.FindCollection{
Name: &request.Name,
})
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to get collection by name: %v", err)
}
if collection == nil {
return nil, status.Errorf(codes.NotFound, "collection not found")
}
userID, ok := ctx.Value(userIDContextKey).(int32)
if ok {
if collection.Visibility == storepb.Visibility_PRIVATE && collection.CreatorId != userID {
return nil, status.Errorf(codes.PermissionDenied, "Permission denied")
}
} else {
if collection.Visibility != storepb.Visibility_PUBLIC {
return nil, status.Errorf(codes.PermissionDenied, "Permission denied")
}
}
response := &apiv2pb.GetCollectionByNameResponse{
Collection: convertCollectionFromStore(collection),
}
return response, nil
}
func (s *APIV2Service) CreateCollection(ctx context.Context, request *apiv2pb.CreateCollectionRequest) (*apiv2pb.CreateCollectionResponse, error) {
userID := ctx.Value(userIDContextKey).(int32)
collection := &storepb.Collection{

13
api/v2/shortcut_service.go
View File

@ -60,10 +60,17 @@ func (s *APIV2Service) GetShortcut(ctx context.Context, request *apiv2pb.GetShor
return nil, status.Errorf(codes.NotFound, "shortcut not found")
}
userID := ctx.Value(userIDContextKey).(int32)
if shortcut.Visibility == storepb.Visibility_PRIVATE && shortcut.CreatorId != userID {
return nil, status.Errorf(codes.PermissionDenied, "Permission denied")
userID, ok := ctx.Value(userIDContextKey).(int32)
if ok {
if shortcut.Visibility == storepb.Visibility_PRIVATE && shortcut.CreatorId != userID {
return nil, status.Errorf(codes.PermissionDenied, "Permission denied")
}
} else {
if shortcut.Visibility != storepb.Visibility_PUBLIC {
return nil, status.Errorf(codes.PermissionDenied, "Permission denied")
}
}
composedShortcut, err := s.convertShortcutFromStorepb(ctx, shortcut)
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to convert shortcut, err: %v", err)