From 2725dcef74c2de26b964ab4ba8531cc2946cb575 Mon Sep 17 00:00:00 2001 From: "Yann Esposito (Yogsototh)" Date: Sun, 4 Aug 2019 19:15:20 +0200 Subject: [PATCH] Routes to delete comments --- src/Aggreact/Comments/Server.hs | 23 +++++++++++++++++++++++ src/DevelMain.hs | 1 + 2 files changed, 24 insertions(+) diff --git a/src/Aggreact/Comments/Server.hs b/src/Aggreact/Comments/Server.hs index 701c762..3f885e4 100644 --- a/src/Aggreact/Comments/Server.hs +++ b/src/Aggreact/Comments/Server.hs @@ -63,6 +63,8 @@ type CommentAPI = :> PostCreated '[HTML,JSON] CreatedComment :<|> "comment" :> Capture "commentId" Text :> Get '[HTML,JSON] CommentPage + :<|> "comment" :> Capture "commentId" Text + :> DeleteAccepted '[JSON] () data Handlers = Handlers { userHandler :: UserHandler @@ -79,6 +81,7 @@ commentAPI Handlers{..} authResult = showComments muser authorizationHandler commentHandler :<|> postNewComment muser authorizationHandler commentHandler :<|> showComment muser authorizationHandler commentHandler + :<|> deleteCommentid muser authorizationHandler commentHandler showComments :: Maybe User -> AuthorizationHandler -> CommentHandler -> Text -> Handler CommentsPage showComments muser AuthorizationHandler{..} CommentHandler{..} s = do @@ -110,6 +113,26 @@ showComment muser AuthorizationHandler{..} CommentHandler{..} i = do } _ -> notFound "" muser +own :: Comment -> Maybe User -> Bool +own _ Nothing = False +own comment muser = + userid (val comment) == muserToUserId muser + +deleteCommentid :: Maybe User -> AuthorizationHandler -> CommentHandler -> Text -> Handler () +deleteCommentid muser AuthorizationHandler{..} CommentHandler{..} i = do + _ <- filterAccess (Scope "comment" Write) muser + case UUID.fromText i of + Nothing -> notFound "" muser + Just uuid -> do + cs <- liftIO . readComment . Id $ uuid + case cs of + Just comment -> + if own comment muser then + return () + else + unauthorized "you can't delete this comment" muser + _ -> notFound "" muser + muserToUserId :: Maybe User -> MUserId muserToUserId Nothing = MUserId Nothing muserToUserId (Just (Entity i _ _)) = MUserId (Just (UserId (toS i))) diff --git a/src/DevelMain.hs b/src/DevelMain.hs index bb53386..5a674fc 100644 --- a/src/DevelMain.hs +++ b/src/DevelMain.hs @@ -82,6 +82,7 @@ update = do -> IO ThreadId start done = do (dbHandler, app) <- initialize defaultConf + putText "http://localhost:3000" forkIO (finally (runSettings (setPort 3000 defaultSettings) app) (shutdownApp dbHandler >> putMVar done ()))