Docker/documize
Docker/documize
1
0
Fork 0
mirror of https://github.com/documize/community.git synced 2025-08-02 20:15:26 +02:00
Code Releases Activity

upgraded gorilla mux dependency, improved anon viewing

Browse source
This commit is contained in:
Harvey Kandola 2017-10-04 14:02:03 -04:00
parent 7ce3adb65e
commit 1d2109aa44
18 changed files with 2411 additions and 402 deletions
Download patch file Download diff file Expand all files Collapse all files

10
domain/category/endpoint.go
View file

@ -16,7 +16,6 @@ package category
import (
"database/sql"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
@ -281,20 +280,17 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
// GetSummary returns number of documents and users for space categories.
func (h *Handler) GetSummary(w http.ResponseWriter, r *http.Request) {
fmt.Println("ctx.UserID")
method := "category.GetSummary"
ctx := domain.GetRequestContext(r)
spaceID := request.Param(r, "spaceID")
if len(spaceID) == 0 {
response.WriteMissingDataError(w, method, "spaceID")
return
}
ok := permission.HasPermission(ctx, *h.Store, spaceID, pm.SpaceManage, pm.SpaceOwner)
if !ok || !ctx.Authenticated {
ok := permission.HasPermission(ctx, *h.Store, spaceID, pm.SpaceManage, pm.SpaceOwner, pm.SpaceView)
if !ok {
response.WriteForbiddenError(w)
return
}
@ -400,7 +396,7 @@ func (h *Handler) GetDocumentCategoryMembership(w http.ResponseWriter, r *http.R
return
}
if !permission.HasPermission(ctx, *h.Store, doc.LabelID, pm.DocumentAdd, pm.DocumentEdit) {
if !permission.HasPermission(ctx, *h.Store, doc.LabelID, pm.SpaceView, pm.DocumentAdd, pm.DocumentEdit) {
response.WriteForbiddenError(w)
return
}