improve permissions code

beckerinj
2022-11-21 00:02:39 -05:00
parent 37d5606eb3
commit a91fd11844
3 changed files with 23 additions and 16 deletions


@@ -42,10 +42,11 @@ async fn list(
if user.is_admin {
true
} else {
match s.permissions.get(&user.id) {
Some(permissions) => *permissions != PermissionLevel::None,
None => false,
}
let permissions = *s
.permissions
.get(&user.id)
.unwrap_or(&PermissionLevel::None);
permissions != PermissionLevel::None
}
})
.collect();
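Review bot: The default-deny lookup added in the non-admin branch (`.get(&user.id).unwrap_or(&PermissionLevel::None)`) repeats the body of the `user_permissions` helper that this commit rewrites in another file, so the rule "no map entry means no access" now lives in two places. If that helper can be moved somewhere both modules can reach, this branch could read `user_permissions(&user.id, &s.permissions) != PermissionLevel::None`, assuming the id is a string as in the helper's signature. Otherwise a one-line comment such as `// a user with no entry in the map is treated as PermissionLevel::None (deny)` would make the intent explicit. The closure and the rest of `list` lie outside the hunk.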


@@ -10,12 +10,6 @@ pub fn router() -> Router {
Router::new().route("/update", get(update::ws_handler))
}
fn user_permissions(user_id: &str, permissions: &PermissionsMap) -> anyhow::Result<()> {
let permission_level = *permissions
.get(user_id)
.ok_or(anyhow!("user has no permissions"))?;
match permission_level {
PermissionLevel::None => Err(anyhow!("user has None permission level")),
_ => Ok(()),
}
fn user_permissions(user_id: &str, permissions: &PermissionsMap) -> PermissionLevel {
*permissions.get(user_id).unwrap_or(&PermissionLevel::None)
}
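Review bot: `user_permissions` no longer fails on its own, so the access decision now rests on every caller comparing the returned level with `PermissionLevel::None`, and the function should say so. I would add a doc comment above it, for example `/// Returns the user's level from the map; a missing entry yields PermissionLevel::None, which callers must treat as deny.` Marking the function `#[must_use]` would also make the compiler warn on a call whose result is dropped. The old version distinguished a missing entry from an explicit None level in its error text; that distinction is gone after this change, which is worth a mention if it was used for troubleshooting.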


@@ -21,7 +21,7 @@ use tokio::{
},
};
use tokio_util::sync::CancellationToken;
use types::{EntityType, Update, User};
use types::{EntityType, PermissionLevel, Update, User};
use crate::auth::{JwtClient, JwtExtension};
@@ -221,7 +221,11 @@ async fn user_can_see_update(
.await
.context(format!("failed at query to get server at {server_id}"))?
.ok_or(anyhow!("did not server with id {server_id}"))?;
user_permissions(user_id, &server.permissions)
if user_permissions(user_id, &server.permissions) != PermissionLevel::None {
Ok(())
} else {
Err(anyhow!("user does not have permissions on server"))
}
}
EntityType::Deployment => {
let deployment_id = entity_id
@@ -235,7 +239,11 @@ async fn user_can_see_update(
"failed at query to get deployment at {deployment_id}"
))?
.ok_or(anyhow!("did not deployment with id {deployment_id}"))?;
user_permissions(user_id, &deployment.permissions)
if user_permissions(user_id, &deployment.permissions) != PermissionLevel::None {
Ok(())
} else {
Err(anyhow!("user does not have permissions on deployment"))
}
}
EntityType::Build => {
let build_id = entity_id
@@ -247,7 +255,11 @@ async fn user_can_see_update(
.await
.context(format!("failed at query to get build at {build_id}"))?
.ok_or(anyhow!("did not build with id {build_id}"))?;
user_permissions(user_id, &build.permissions)
if user_permissions(user_id, &build.permissions) != PermissionLevel::None {
Ok(())
} else {
Err(anyhow!("user does not have permissions on build"))
}
}
}
}
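Review bot: The same four-line allow/deny check is added three times in `user_can_see_update` (the server, deployment and build arms), differing only in the permissions map and the entity name in the message. A single helper returning `anyhow::Result<()>` would keep the deny rule in one place, so a later change to which level counts as "can see" cannot be applied to two arms and missed in the third. Each arm would then end with one call, as sketched below. The helper name is only a suggestion, and this assumes `PermissionsMap` is importable wherever the helper lives. `user_can_see_update` starts outside these hunks.

```rust
// suggested helper, placed next to user_permissions
fn ensure_can_see(
    user_id: &str,
    permissions: &PermissionsMap,
    entity: &str,
) -> anyhow::Result<()> {
    if user_permissions(user_id, permissions) != PermissionLevel::None {
        Ok(())
    } else {
        Err(anyhow!("user does not have permissions on {entity}"))
    }
}

// … unchanged: server lookup in the EntityType::Server arm …
ensure_can_see(user_id, &server.permissions, "server")
// … unchanged: deployment lookup in the EntityType::Deployment arm …
ensure_can_see(user_id, &deployment.permissions, "deployment")
// … unchanged: build lookup in the EntityType::Build arm …
ensure_can_see(user_id, &build.permissions, "build")
```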