yogsototh/aggreact
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Routes to delete comments

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2019-08-04 19:15:20 +02:00
parent 2dcd6c3e47
commit 2725dcef74
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
2 changed files with 24 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
src/Aggreact/Comments/Server.hs
View file

@ -63,6 +63,8 @@ type CommentAPI =
:> PostCreated '[HTML,JSON] CreatedComment
:<|> "comment" :> Capture "commentId" Text
:> Get '[HTML,JSON] CommentPage
:<|> "comment" :> Capture "commentId" Text
:> DeleteAccepted '[JSON] ()
data Handlers =
Handlers { userHandler :: UserHandler
@ -79,6 +81,7 @@ commentAPI Handlers{..} authResult =
showComments muser authorizationHandler commentHandler
:<|> postNewComment muser authorizationHandler commentHandler
:<|> showComment muser authorizationHandler commentHandler
:<|> deleteCommentid muser authorizationHandler commentHandler
showComments :: Maybe User -> AuthorizationHandler -> CommentHandler -> Text -> Handler CommentsPage
showComments muser AuthorizationHandler{..} CommentHandler{..} s = do
@ -110,6 +113,26 @@ showComment muser AuthorizationHandler{..} CommentHandler{..} i = do
}
_ -> notFound "" muser
own :: Comment -> Maybe User -> Bool
own _ Nothing = False
own comment muser =
userid (val comment) == muserToUserId muser
deleteCommentid :: Maybe User -> AuthorizationHandler -> CommentHandler -> Text -> Handler ()
deleteCommentid muser AuthorizationHandler{..} CommentHandler{..} i = do
_ <- filterAccess (Scope "comment" Write) muser
case UUID.fromText i of
Nothing -> notFound "" muser
Just uuid -> do
cs <- liftIO . readComment . Id $ uuid
case cs of
Just comment ->
if own comment muser then
return ()
else
unauthorized "you can't delete this comment" muser
_ -> notFound "" muser
muserToUserId :: Maybe User -> MUserId
muserToUserId Nothing = MUserId Nothing
muserToUserId (Just (Entity i _ _)) = MUserId (Just (UserId (toS i)))

1
src/DevelMain.hs
View file

@ -82,6 +82,7 @@ update = do
-> IO ThreadId
start done = do
(dbHandler, app) <- initialize defaultConf
putText "http://localhost:3000"
forkIO (finally (runSettings (setPort 3000 defaultSettings) app)
(shutdownApp dbHandler >> putMVar done ()))