mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-28 19:20:58 -05:00
refactor: allow only one required permission in require-permission decorator
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
This commit is contained in:
parent
9ca6485219
commit
6e0e63688b
2 changed files with 7 additions and 7 deletions
|
@ -32,12 +32,12 @@ export class PermissionsGuard implements CanActivate {
|
|||
}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const permissions = this.reflector.get<RequiredPermission[]>(
|
||||
const permission = this.reflector.get<RequiredPermission>(
|
||||
PERMISSION_METADATA_KEY,
|
||||
context.getHandler(),
|
||||
);
|
||||
// If no permissions are set this is probably an error and this guard should not let the request pass
|
||||
if (!permissions) {
|
||||
if (!permission) {
|
||||
this.logger.error(
|
||||
'Could not find permission metadata. This should never happen. If you see this, please open an issue at https://github.com/hedgedoc/hedgedoc/issues',
|
||||
);
|
||||
|
@ -46,7 +46,7 @@ export class PermissionsGuard implements CanActivate {
|
|||
const request: CompleteRequest = context.switchToHttp().getRequest();
|
||||
const user = request.user ?? null;
|
||||
// handle CREATE permissions, as this does not need any note
|
||||
if (permissions[0] === RequiredPermission.CREATE) {
|
||||
if (permission === RequiredPermission.CREATE) {
|
||||
return this.permissionsService.mayCreate(user);
|
||||
}
|
||||
// Attention: This gets the note an additional time if used in conjunction with GetNoteInterceptor or NoteHeaderInterceptor
|
||||
|
@ -58,7 +58,7 @@ export class PermissionsGuard implements CanActivate {
|
|||
return false;
|
||||
}
|
||||
return await this.permissionsService.checkPermissionOnNote(
|
||||
permissions[0],
|
||||
permission,
|
||||
user,
|
||||
note,
|
||||
);
|
||||
|
|
|
@ -11,9 +11,9 @@ export const PERMISSION_METADATA_KEY = 'requiredPermission';
|
|||
|
||||
/**
|
||||
* This decorator gathers the {@link RequiredPermission Permission} a user must hold for the {@link PermissionsGuard}
|
||||
* @param permissions - an array of permissions. In practice this should always contain exactly one {@link RequiredPermission}
|
||||
* @param {RequiredPermission} permission the required permission for the decorated action.
|
||||
*/
|
||||
// eslint-disable-next-line func-style,@typescript-eslint/naming-convention
|
||||
export const RequirePermission = (
|
||||
...permissions: RequiredPermission[]
|
||||
): CustomDecorator => SetMetadata(PERMISSION_METADATA_KEY, permissions);
|
||||
permission: RequiredPermission,
|
||||
): CustomDecorator => SetMetadata(PERMISSION_METADATA_KEY, permission);
|
||||
|
|
Loading…
Reference in a new issue