mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-05-14 07:04:45 -04:00
refactor: move permissions service calls into permissions guard
This commit removes all previous calls to the permissions service at the beginning of the controller methods to the permissions guard. This should make the code a bit cleaner and remove boilerplate code. Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares
David Mehren
parent
3b92226bab
commit
3e4abb561d
2 changed files with 44 additions and 76 deletions
|
|
@ -13,7 +13,6 @@ import {
|
|||
NotFoundException,
|
||||
Param,
|
||||
Post,
|
||||
UnauthorizedException,
|
||||
UseGuards,
|
||||
} from '@nestjs/common';
|
||||
|
||||
|
|
@ -31,7 +30,8 @@ import { NoteDto } from '../../../notes/note.dto';
|
|||
import { Note } from '../../../notes/note.entity';
|
||||
import { NoteMediaDeletionDto } from '../../../notes/note.media-deletion.dto';
|
||||
import { NotesService } from '../../../notes/notes.service';
|
||||
import { PermissionsService } from '../../../permissions/permissions.service';
|
||||
import { Permissions } from '../../../permissions/permissions.decorator';
|
||||
import { Permission } from '../../../permissions/permissions.enum';
|
||||
import { RevisionMetadataDto } from '../../../revisions/revision-metadata.dto';
|
||||
import { RevisionDto } from '../../../revisions/revision.dto';
|
||||
import { RevisionsService } from '../../../revisions/revisions.service';
|
||||
|
|
@ -39,6 +39,7 @@ import { User } from '../../../users/user.entity';
|
|||
import { UsersService } from '../../../users/users.service';
|
||||
import { GetNotePipe } from '../../utils/get-note.pipe';
|
||||
import { MarkdownBody } from '../../utils/markdownbody-decorator';
|
||||
import { PermissionsGuard } from '../../utils/permissions.guard';
|
||||
import { RequestUser } from '../../utils/request-user.decorator';
|
||||
|
||||
@UseGuards(SessionGuard)
|
||||
|
|
@ -47,7 +48,6 @@ export class NotesController {
|
|||
constructor(
|
||||
private readonly logger: ConsoleLoggerService,
|
||||
private noteService: NotesService,
|
||||
private permissionsService: PermissionsService,
|
||||
private historyService: HistoryService,
|
||||
private userService: UsersService,
|
||||
private mediaService: MediaService,
|
||||
|
|
@ -57,38 +57,34 @@ export class NotesController {
|
|||
}
|
||||
|
||||
@Get(':noteIdOrAlias')
|
||||
@Permissions(Permission.READ)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async getNote(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
): Promise<NoteDto> {
|
||||
if (!this.permissionsService.mayRead(user, note)) {
|
||||
throw new UnauthorizedException('Reading note denied!');
|
||||
}
|
||||
await this.historyService.updateHistoryEntryTimestamp(note, user);
|
||||
return await this.noteService.toNoteDto(note);
|
||||
}
|
||||
|
||||
@Get(':noteIdOrAlias/media')
|
||||
@Permissions(Permission.READ)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async getNotesMedia(
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
@RequestUser() user: User,
|
||||
): Promise<MediaUploadDto[]> {
|
||||
if (!this.permissionsService.mayRead(user, note)) {
|
||||
throw new UnauthorizedException('Reading note denied!');
|
||||
}
|
||||
const media = await this.mediaService.listUploadsByNote(note);
|
||||
return media.map((media) => this.mediaService.toMediaUploadDto(media));
|
||||
}
|
||||
|
||||
@Post()
|
||||
@HttpCode(201)
|
||||
@Permissions(Permission.CREATE)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async createNote(
|
||||
@RequestUser() user: User,
|
||||
@MarkdownBody() text: string,
|
||||
): Promise<NoteDto> {
|
||||
if (!this.permissionsService.mayCreate(user)) {
|
||||
throw new UnauthorizedException('Creating note denied!');
|
||||
}
|
||||
this.logger.debug('Got raw markdown:\n' + text);
|
||||
return await this.noteService.toNoteDto(
|
||||
await this.noteService.createNote(text, user),
|
||||
|
|
@ -97,14 +93,13 @@ export class NotesController {
|
|||
|
||||
@Post(':noteAlias')
|
||||
@HttpCode(201)
|
||||
@Permissions(Permission.CREATE)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async createNamedNote(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteAlias') noteAlias: string,
|
||||
@MarkdownBody() text: string,
|
||||
): Promise<NoteDto> {
|
||||
if (!this.permissionsService.mayCreate(user)) {
|
||||
throw new UnauthorizedException('Creating note denied!');
|
||||
}
|
||||
this.logger.debug('Got raw markdown:\n' + text, 'createNamedNote');
|
||||
try {
|
||||
return await this.noteService.toNoteDto(
|
||||
|
|
@ -123,14 +118,13 @@ export class NotesController {
|
|||
|
||||
@Delete(':noteIdOrAlias')
|
||||
@HttpCode(204)
|
||||
@Permissions(Permission.OWNER)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async deleteNote(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
@Body() noteMediaDeletionDto: NoteMediaDeletionDto,
|
||||
): Promise<void> {
|
||||
if (!this.permissionsService.isOwner(user, note)) {
|
||||
throw new UnauthorizedException('Deleting note denied!');
|
||||
}
|
||||
const mediaUploads = await this.mediaService.listUploadsByNote(note);
|
||||
for (const mediaUpload of mediaUploads) {
|
||||
if (!noteMediaDeletionDto.keepMedia) {
|
||||
|
|
@ -146,13 +140,12 @@ export class NotesController {
|
|||
}
|
||||
|
||||
@Get(':noteIdOrAlias/revisions')
|
||||
@Permissions(Permission.READ)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async getNoteRevisions(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
): Promise<RevisionMetadataDto[]> {
|
||||
if (!this.permissionsService.mayRead(user, note)) {
|
||||
throw new UnauthorizedException('Reading note denied!');
|
||||
}
|
||||
const revisions = await this.revisionsService.getAllRevisions(note);
|
||||
return await Promise.all(
|
||||
revisions.map((revision) =>
|
||||
|
|
@ -163,13 +156,12 @@ export class NotesController {
|
|||
|
||||
@Delete(':noteIdOrAlias/revisions')
|
||||
@HttpCode(204)
|
||||
@Permissions(Permission.READ)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async purgeNoteRevisions(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
): Promise<void> {
|
||||
if (!this.permissionsService.mayRead(user, note)) {
|
||||
throw new UnauthorizedException('Reading note denied!');
|
||||
}
|
||||
this.logger.debug(
|
||||
'Purging history of note: ' + note.id,
|
||||
'purgeNoteRevisions',
|
||||
|
|
@ -183,15 +175,14 @@ export class NotesController {
|
|||
}
|
||||
|
||||
@Get(':noteIdOrAlias/revisions/:revisionId')
|
||||
@Permissions(Permission.READ)
|
||||
@UseGuards(PermissionsGuard)
|
||||
async getNoteRevision(
|
||||
@RequestUser() user: User,
|
||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||
@Param('revisionId') revisionId: number,
|
||||
): Promise<RevisionDto> {
|
||||
try {
|
||||
if (!this.permissionsService.mayRead(user, note)) {
|
||||
throw new UnauthorizedException('Reading note denied!');
|
||||
}
|
||||
return this.revisionsService.toRevisionDto(
|
||||
await this.revisionsService.getRevision(note, revisionId),
|
||||
);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue