William Petit
3ef495445a
serveur - Création d'un service d'autorisation dynamique basé sur des "voter" (à la Symfony) - Mise en place des autorisations sur les principales queries/mutations de l'API GraphQL
101 lines
2.2 KiB
Go
101 lines
2.2 KiB
Go
package graph
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
|
|
"forge.cadoles.com/Cadoles/daddy/internal/orm"
|
|
"gitlab.com/wpetit/goweb/middleware/container"
|
|
|
|
"forge.cadoles.com/Cadoles/daddy/internal/model"
|
|
errs "github.com/pkg/errors"
|
|
)
|
|
|
|
func handleCreateDecisionSupportFile(ctx context.Context, changes *model.DecisionSupportFileChanges) (*model.DecisionSupportFile, error) {
|
|
authorized, err := isAuthorized(ctx, &model.DecisionSupportFile{}, model.ActionCreate)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
if !authorized {
|
|
return nil, errs.WithStack(ErrForbidden)
|
|
}
|
|
|
|
ctn := container.Must(ctx)
|
|
db := orm.Must(ctn).DB()
|
|
|
|
repo := model.NewDSFRepository(db)
|
|
|
|
dsf, err := repo.Create(ctx, changes)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
return dsf, nil
|
|
}
|
|
|
|
func handleUpdateDecisionSupportFile(ctx context.Context, id string, changes *model.DecisionSupportFileChanges) (*model.DecisionSupportFile, error) {
|
|
ctn := container.Must(ctx)
|
|
db := orm.Must(ctn).DB()
|
|
|
|
repo := model.NewDSFRepository(db)
|
|
|
|
dsf, err := repo.Find(ctx, id)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
authorized, err := isAuthorized(ctx, dsf, model.ActionUpdate)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
if !authorized {
|
|
return nil, errs.WithStack(ErrForbidden)
|
|
}
|
|
|
|
dsf, err = repo.Update(ctx, id, changes)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
return dsf, nil
|
|
}
|
|
|
|
func handleDecisionSupportFiles(ctx context.Context, filter *model.DecisionSupportFileFilter) ([]*model.DecisionSupportFile, error) {
|
|
ctn := container.Must(ctx)
|
|
db := orm.Must(ctn).DB()
|
|
|
|
repo := model.NewDSFRepository(db)
|
|
|
|
found, err := repo.Search(ctx, filter)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
dsfs := make([]*model.DecisionSupportFile, 0)
|
|
|
|
for _, d := range found {
|
|
authorized, err := isAuthorized(ctx, d, model.ActionRead)
|
|
if err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
if authorized {
|
|
dsfs = append(dsfs, d)
|
|
}
|
|
}
|
|
|
|
return dsfs, nil
|
|
}
|
|
|
|
func handleSections(ctx context.Context, dsf *model.DecisionSupportFile) (map[string]interface{}, error) {
|
|
sections := make(map[string]interface{})
|
|
|
|
if err := json.Unmarshal(dsf.Sections.RawMessage, §ions); err != nil {
|
|
return nil, errs.WithStack(err)
|
|
}
|
|
|
|
return sections, nil
|
|
}
|