fix: add role limit
This commit is contained in:
fallen-angle
@@ -1,11 +1,13 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"nCovTrack-Backend/global"
|
||||
"nCovTrack-Backend/models"
|
||||
"nCovTrack-Backend/service/article"
|
||||
"nCovTrack-Backend/utils"
|
||||
"strconv"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// SaveArticleHandler save an article
|
||||
@@ -19,7 +21,13 @@ import (
|
||||
// @Param Token header string true "token"
|
||||
func SaveArticleHandler(c *gin.Context) {
|
||||
jsonMap := bindJson(c)
|
||||
claims := utils.ClaimsFromHeader(c)
|
||||
if claims.Role != global.ROLE_ID_MAP["ADMIN"] {
|
||||
Forbidden(c)
|
||||
return
|
||||
}
|
||||
if jsonMap == nil {
|
||||
RequestErr(c, map[string]interface{}{"URI": c.Request.RequestURI})
|
||||
return
|
||||
}
|
||||
colMap := models.MapJ2c[models.BackArticle](jsonMap, true)
|
||||
@@ -30,7 +38,7 @@ func SaveArticleHandler(c *gin.Context) {
|
||||
utils.Succ(c, jsonMap)
|
||||
}
|
||||
|
||||
// GetAllArticlesHandler get all article
|
||||
// ListPublishedArticlesHandler get all article
|
||||
// @Tags Article
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
@@ -39,9 +47,28 @@ func SaveArticleHandler(c *gin.Context) {
|
||||
// @Success 200 {object} utils.GinResponse{data=[]models.BackArticle}
|
||||
// @Router /article/list [get]
|
||||
// @Param Token header string false "token"
|
||||
func GetAllArticlesHandler(c *gin.Context) {
|
||||
func ListPublishedArticlesHandler(c *gin.Context) {
|
||||
// TODO: admin need to show more articles
|
||||
articles := article.ListAllArticles()
|
||||
articles := article.ListPublishedArticles()
|
||||
utils.Succ(c, articles)
|
||||
}
|
||||
|
||||
func ListArticlesByUser(c *gin.Context) {
|
||||
published := c.Param("published")
|
||||
claims := utils.ClaimsFromHeader(c)
|
||||
if claims.Role != global.ROLE_ID_MAP["ADMIN"] {
|
||||
Forbidden(c)
|
||||
return
|
||||
}
|
||||
var articles *[]models.ListArtile
|
||||
if published == "published" {
|
||||
articles = article.ListPublishedArticlesByUser(claims.ID)
|
||||
} else if published == "notpublished" {
|
||||
articles = article.ListNotPublishedArticlesByUser(claims.ID)
|
||||
} else {
|
||||
UrlNotFound(c)
|
||||
return
|
||||
}
|
||||
utils.Succ(c, articles)
|
||||
}
|
||||
|
||||
@@ -56,6 +83,11 @@ func GetAllArticlesHandler(c *gin.Context) {
|
||||
// @Param id path string true "id"
|
||||
func DeleteArticleHandler(c *gin.Context) {
|
||||
id, err := strconv.Atoi(c.Param("id"))
|
||||
claims := utils.ClaimsFromHeader(c)
|
||||
if claims.Role == global.ROLE_ID_MAP["ADMIN"] {
|
||||
Forbidden(c)
|
||||
return
|
||||
}
|
||||
if err != nil {
|
||||
RequestErr(c, map[string]interface{}{"URI": c.Request.RequestURI})
|
||||
return
|
||||
@@ -84,7 +116,6 @@ func GetArticleHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
res := article.GetArticleById(id)
|
||||
//TODO: if not admin, will not show not published article
|
||||
if res == nil {
|
||||
DataNotFound(c, nil)
|
||||
return
|
||||
@@ -103,6 +134,11 @@ func GetArticleHandler(c *gin.Context) {
|
||||
// @Param id path string true "id"
|
||||
func PublishArticleHandler(c *gin.Context) {
|
||||
id, err := strconv.Atoi(c.Param("id"))
|
||||
claims := utils.ClaimsFromHeader(c)
|
||||
if claims.Role == global.ROLE_ID_MAP["ADMIN"] {
|
||||
Forbidden(c)
|
||||
return
|
||||
}
|
||||
if err != nil {
|
||||
RequestErr(c, map[string]interface{}{"URI": c.Request.RequestURI})
|
||||
return
|
||||
|
||||
Reference in New Issue
Block a user