chore: update find shortcut

2025-06-14 20:07:50 +00:00 · 2022-09-15 21:12:04 +08:00
parent 7f29882ebf
commit 874b7768c8
4 changed files with 39 additions and 8 deletions
--- a/server/shortcut.go
+++ b/server/shortcut.go
@ -66,8 +66,12 @@ func (s *Server) registerShortcutRoutes(g *echo.Group) {

 	g.GET("/shortcut", func(c echo.Context) error {
 		ctx := c.Request().Context()
-		shortcutFind := &api.ShortcutFind{}
+		userID, ok := c.Get(getUserIDContextKey()).(int)
+		if !ok {
+			return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
+		}

+		shortcutFind := &api.ShortcutFind{}
 		if workspaceID, err := strconv.Atoi(c.QueryParam("workspaceId")); err == nil {
 			shortcutFind.WorkspaceID = &workspaceID
 		}
@ -78,10 +82,24 @@ func (s *Server) registerShortcutRoutes(g *echo.Group) {
 			shortcutFind.Link = &link
 		}

-		list, err := s.Store.FindShortcutList(ctx, shortcutFind)
+		list := []*api.Shortcut{}
+		if shortcutFind.WorkspaceID == nil {
+			shortcutFind.MemberID = &userID
+		}
+		shortcutFind.VisibilityList = []api.Visibility{api.VisibilityWorkspace, api.VisibilityPublic}
+		visibleShortcutList, err := s.Store.FindShortcutList(ctx, shortcutFind)
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch shortcut list").SetInternal(err)
 		}
+		list = append(list, visibleShortcutList...)
+
+		shortcutFind.VisibilityList = []api.Visibility{api.VisibilityPrivite}
+		shortcutFind.CreatorID = &userID
+		privateShortcutList, err := s.Store.FindShortcutList(ctx, shortcutFind)
+		if err != nil {
+			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch private shortcut list").SetInternal(err)
+		}
+		list = append(list, privateShortcutList...)

 		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
 		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(list)); err != nil {
--- a/server/workspace.go
+++ b/server/workspace.go
@ -125,6 +125,10 @@ func (s *Server) registerWorkspaceRoutes(g *echo.Group) {
 				return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
 			}

+			if shortcut.Visibility == api.VisibilityPrivite && shortcut.CreatorID != userID {
+				return echo.NewHTTPError(http.StatusUnauthorized, "not shortcut owner")
+			}
+
 			workspaceUser, err := s.Store.FindWordspaceUser(ctx, &api.WorkspaceUserFind{
 				WorkspaceID: &workspace.ID,
 				UserID:      &userID,