dynamic,HandlerFeedGenerator: Check for read permissions
This commit is contained in:
parent
32af0e2857
commit
234db99ef5
@ -1,8 +1,9 @@
|
|||||||
#include "dynamiccontent.h"
|
#include "dynamiccontent.h"
|
||||||
|
|
||||||
DynamicContent::DynamicContent(Template &templ, Database &database, UrlProvider &provider)
|
DynamicContent::DynamicContent(Template &templ, Database &database, UrlProvider &provider, Session &session)
|
||||||
{
|
{
|
||||||
this->templ = &templ;
|
this->templ = &templ;
|
||||||
this->database = &database;
|
this->database = &database;
|
||||||
this->urlProvider = &provider;
|
this->urlProvider = &provider;
|
||||||
|
this->userSession = &session;
|
||||||
}
|
}
|
||||||
|
@ -10,11 +10,12 @@ class DynamicContent
|
|||||||
Template *templ;
|
Template *templ;
|
||||||
Database *database;
|
Database *database;
|
||||||
UrlProvider *urlProvider;
|
UrlProvider *urlProvider;
|
||||||
|
Session *userSession;
|
||||||
|
|
||||||
std::string argument;
|
std::string argument;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
DynamicContent(Template &templ, Database &database, UrlProvider &urlProvider);
|
DynamicContent(Template &templ, Database &database, UrlProvider &urlProvider, Session &session);
|
||||||
virtual std::string render() = 0;
|
virtual std::string render() = 0;
|
||||||
virtual void setArgument(std::string argument)
|
virtual void setArgument(std::string argument)
|
||||||
{
|
{
|
||||||
|
@ -9,18 +9,20 @@ private:
|
|||||||
Template *templ;
|
Template *templ;
|
||||||
Database *db;
|
Database *db;
|
||||||
UrlProvider *urlProvider;
|
UrlProvider *urlProvider;
|
||||||
|
Session *session;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
DynamicContentFactory(Template &templ, Database &db, UrlProvider &urlProvider)
|
DynamicContentFactory(Template &templ, Database &db, UrlProvider &urlProvider, Session &session)
|
||||||
{
|
{
|
||||||
this->templ = &templ;
|
this->templ = &templ;
|
||||||
this->db = &db;
|
this->db = &db;
|
||||||
this->urlProvider = &urlProvider;
|
this->urlProvider = &urlProvider;
|
||||||
|
this->session = &session;
|
||||||
}
|
}
|
||||||
|
|
||||||
template <class T> inline std::shared_ptr<T> createDynamicContent()
|
template <class T> inline std::shared_ptr<T> createDynamicContent()
|
||||||
{
|
{
|
||||||
return std::make_shared<T>(*this->templ, *this->db, *this->urlProvider);
|
return std::make_shared<T>(*this->templ, *this->db, *this->urlProvider, *this->session);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -6,15 +6,22 @@ std::string DynamicContentPostList::render()
|
|||||||
auto categoryDao = this->database->createCategoryDao();
|
auto categoryDao = this->database->createCategoryDao();
|
||||||
auto pageDao = this->database->createPageDao();
|
auto pageDao = this->database->createPageDao();
|
||||||
auto revisionDao = this->database->createRevisionDao();
|
auto revisionDao = this->database->createRevisionDao();
|
||||||
|
auto permissionDao = this->database->createPermissionsDao();
|
||||||
|
|
||||||
QueryOption option;
|
QueryOption option;
|
||||||
option.includeInvisible = false;
|
option.includeInvisible = false;
|
||||||
auto members = categoryDao->fetchMembers(this->argument, option);
|
auto members = categoryDao->fetchMembers(this->argument, option);
|
||||||
std::vector<std::pair<std::string, time_t>> pageList;
|
std::vector<std::pair<std::string, time_t>> pageList;
|
||||||
for(const Page &member : members)
|
for(const Page &member : members)
|
||||||
|
{
|
||||||
|
Permissions perms = permissionDao->find(member.name, this->userSession->user.login)
|
||||||
|
.value_or(this->userSession->user.permissions);
|
||||||
|
if(perms.canRead()) /* TODO: Maybe add canList() */
|
||||||
{
|
{
|
||||||
auto revision = revisionDao->getRevisionForPage(member.name, 1);
|
auto revision = revisionDao->getRevisionForPage(member.name, 1);
|
||||||
pageList.push_back({member.name, revision->timestamp});
|
pageList.push_back({member.name, revision->timestamp});
|
||||||
}
|
}
|
||||||
|
}
|
||||||
std::sort(pageList.begin(), pageList.end(),
|
std::sort(pageList.begin(), pageList.end(),
|
||||||
[](std::pair<std::string, time_t> &a, std::pair<std::string, time_t> &b) { return a.second > b.second; });
|
[](std::pair<std::string, time_t> &a, std::pair<std::string, time_t> &b) { return a.second > b.second; });
|
||||||
|
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
#include "handlerfeedgenerator.h"
|
#include "handlerfeedgenerator.h"
|
||||||
#include "../parser.h"
|
|
||||||
#include "../revisionrenderer.h"
|
#include "../revisionrenderer.h"
|
||||||
std::vector<HandlerFeedGenerator::EntryRevisionPair> HandlerFeedGenerator::fetchEntries(
|
std::vector<HandlerFeedGenerator::EntryRevisionPair> HandlerFeedGenerator::fetchEntries(
|
||||||
std::vector<std::string> categories)
|
std::vector<std::string> categories)
|
||||||
{
|
{
|
||||||
auto revisionDao = this->database->createRevisionDao();
|
auto revisionDao = this->database->createRevisionDao();
|
||||||
auto pageDao = this->database->createPageDao();
|
auto pageDao = this->database->createPageDao();
|
||||||
|
auto permissionDao = this->database->createPermissionsDao();
|
||||||
|
|
||||||
std::vector<EntryRevisionPair> result;
|
std::vector<EntryRevisionPair> result;
|
||||||
QueryOption option;
|
QueryOption option;
|
||||||
@ -33,10 +33,15 @@ std::vector<HandlerFeedGenerator::EntryRevisionPair> HandlerFeedGenerator::fetch
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
for(const Page &member : members)
|
for(const Page &member : members)
|
||||||
|
{
|
||||||
|
Permissions perms = permissionDao->find(member.name, this->userSession->user.login)
|
||||||
|
.value_or(this->userSession->user.permissions);
|
||||||
|
if(perms.canRead())
|
||||||
{
|
{
|
||||||
auto revision = revisionDao->getRevisionForPage(member.name, 1).value();
|
auto revision = revisionDao->getRevisionForPage(member.name, 1).value();
|
||||||
result.push_back({member, revision});
|
result.push_back({member, revision});
|
||||||
}
|
}
|
||||||
|
}
|
||||||
std::sort(result.begin(), result.end(),
|
std::sort(result.begin(), result.end(),
|
||||||
[](EntryRevisionPair &a, EntryRevisionPair &b) { return a.second.timestamp > b.second.timestamp; });
|
[](EntryRevisionPair &a, EntryRevisionPair &b) { return a.second.timestamp > b.second.timestamp; });
|
||||||
|
|
||||||
@ -68,7 +73,7 @@ std::string HandlerFeedGenerator::generateAtom(const std::vector<HandlerFeedGene
|
|||||||
subtitle = "All pages";
|
subtitle = "All pages";
|
||||||
}
|
}
|
||||||
|
|
||||||
RevisionRenderer revisionRenderer { *this->templ, *this->database, *this->urlProvider };
|
RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
|
||||||
|
|
||||||
for(const EntryRevisionPair &entry : entries)
|
for(const EntryRevisionPair &entry : entries)
|
||||||
{
|
{
|
||||||
|
@ -138,8 +138,7 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
Response result;
|
Response result;
|
||||||
result.setStatus(200);
|
result.setStatus(200);
|
||||||
|
|
||||||
RevisionRenderer revisionRenderer { *this->templ, *this->database, *this->urlProvider };
|
RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
|
||||||
|
|
||||||
|
|
||||||
std::string customtitle = parser.extractCommand("pagetitle", revision->content);
|
std::string customtitle = parser.extractCommand("pagetitle", revision->content);
|
||||||
std::string parsedcontent = revisionRenderer.renderContent(revision.value(), customtitle);
|
std::string parsedcontent = revisionRenderer.renderContent(revision.value(), customtitle);
|
||||||
|
@ -17,7 +17,7 @@ private:
|
|||||||
Parser parser;
|
Parser parser;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
RevisionRenderer(Template &templ, Database &db, UrlProvider &urlProvider) :dynamicContentFactory(templ, db, urlProvider)
|
RevisionRenderer(Template &templ, Database &db, UrlProvider &urlProvider, Session &session) :dynamicContentFactory(templ, db, urlProvider, session)
|
||||||
{
|
{
|
||||||
this->db = &db;
|
this->db = &db;
|
||||||
this->urlProvider = &urlProvider;
|
this->urlProvider = &urlProvider;
|
||||||
|
Loading…
Reference in New Issue
Block a user