比較提交
沒有共同的提交。「f08e235d0329b34db961f5e44029e795038ae1d0」和「9088154372f91cf6ef6db745732d5dea83314bfe」的歷史完全不同。
f08e235d03
...
9088154372
@ -9,8 +9,6 @@ class PermissionsDao
|
||||
PermissionsDao();
|
||||
virtual std::optional<Permissions> find(std::string pagename, std::string username) = 0;
|
||||
virtual void save(std::string pagename, std::string username, Permissions perms) = 0;
|
||||
virtual void clearForPage(std::string pagename) = 0;
|
||||
|
||||
virtual ~PermissionsDao() = default;
|
||||
};
|
||||
|
||||
|
||||
@ -59,16 +59,3 @@ void PermissionsDaoSqlite::save(std::string pagename, std::string username, Perm
|
||||
throwFrom(e);
|
||||
}
|
||||
}
|
||||
|
||||
void PermissionsDaoSqlite::clearForPage(std::string pagename)
|
||||
{
|
||||
try
|
||||
{
|
||||
auto stmt = *db << "DELETE FROM permissions WHERE page = (SELECT id FROM page WHERE name = ?)" << pagename;
|
||||
stmt.execute();
|
||||
}
|
||||
catch(sqlite::sqlite_exception &e)
|
||||
{
|
||||
throwFrom(e);
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,7 +10,6 @@ class PermissionsDaoSqlite : public PermissionsDao, protected SqliteDao
|
||||
|
||||
std::optional<Permissions> find(std::string pagename, std::string username) override;
|
||||
virtual void save(std::string pagename, std::string username, Permissions perms) override;
|
||||
virtual void clearForPage(std::string pagename) override;
|
||||
using SqliteDao::SqliteDao;
|
||||
};
|
||||
|
||||
|
||||
@ -95,9 +95,6 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
||||
pagename = rename;
|
||||
}
|
||||
|
||||
std::vector<std::pair<std::string, Permissions>> collectedPermissions;
|
||||
|
||||
auto permissionDao = this->database->createPermissionsDao();
|
||||
for(const std::string &perm : perms)
|
||||
{
|
||||
auto splitted = utils::split(perm, '|');
|
||||
@ -105,29 +102,23 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
||||
{
|
||||
return this->errorResponse("Invalid command", "permissions command is misformated");
|
||||
}
|
||||
auto permissionDao = this->database->createPermissionsDao();
|
||||
auto currentPermission = permissionDao->find(pagename, splitted[0]);
|
||||
|
||||
Permissions newPermissions = Permissions{splitted[1]};
|
||||
if(!currentPermission || newPermissions != currentPermission.value())
|
||||
{
|
||||
if(!this->userSession->user.permissions.canSetPagePerms())
|
||||
if(this->userSession->user.permissions.canSetPagePerms())
|
||||
{
|
||||
permissionDao->save(pagename, splitted[0], newPermissions);
|
||||
}
|
||||
else
|
||||
{
|
||||
this->database->rollbackTransaction();
|
||||
return errorResponse("Permission denied",
|
||||
"You don't have permission to change permissions. Don't touch the "
|
||||
"permission commands");
|
||||
return errorResponse("Invalid permissions",
|
||||
"You don't have permission to change page permissions");
|
||||
}
|
||||
}
|
||||
collectedPermissions.emplace_back(splitted[0], newPermissions);
|
||||
}
|
||||
|
||||
if(this->userSession->user.permissions.canSetPagePerms())
|
||||
{
|
||||
permissionDao->clearForPage(pagename);
|
||||
for(auto &perms : collectedPermissions)
|
||||
{
|
||||
permissionDao->save(pagename, perms.first, perms.second);
|
||||
}
|
||||
}
|
||||
|
||||
page.current_revision = current_revision;
|
||||
|
||||
載入中…
x
新增問題並參考
Block a user