mirror of https://github.com/anyproto/anytype-heart.git synced 2025-06-08 05:47:07 +09:00

GO-4459: Refactor handlers and middleware

Jannis Metrikat 2025-01-03 19:13:20 +01:00
parent 017b963d32
commit 0358d34af7
No known key found for this signature in database
GPG key ID: B223CAC5AAF85615
7 changed files with 32 additions and 46 deletions


@ -29,7 +29,7 @@ func NewService(mw service.ClientCommandsServer) *AuthService {
// GenerateNewChallenge calls AccountLocalLinkNewChallenge and returns the challenge ID, or an error if it fails.
func (s *AuthService) GenerateNewChallenge(ctx context.Context, appName string) (string, error) {
resp := s.mw.AccountLocalLinkNewChallenge(ctx, &pb.RpcAccountLocalLinkNewChallengeRequest{AppName: "api-test"})
resp := s.mw.AccountLocalLinkNewChallenge(ctx, &pb.RpcAccountLocalLinkNewChallengeRequest{AppName: appName})
if resp.Error.Code != pb.RpcAccountLocalLinkNewChallengeResponseError_NULL {
return "", ErrFailedGenerateChallenge
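Review bot: `appName` now reaches `AccountLocalLinkNewChallenge` exactly as the caller supplied it, with no check in the visible part of GenerateNewChallenge. If the value comes from the HTTP request (the handler is not shown) and is what the user sees when approving the local link, an empty, very long or look-alike name weakens that consent step. Consider rejecting empty input and bounding the length before the RPC, returning a bad-input error rather than ErrFailedGenerateChallenge so callers can tell the two apart. The function body continues outside the hunk.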


@ -262,6 +262,12 @@ const docTemplate = `{
"$ref": "#/definitions/space.CreateSpaceResponse"
}
},
"400": {
"description": "Bad request",
"schema": {
"$ref": "#/definitions/util.ValidationError"
}
},
"403": {
"description": "Unauthorized",
"schema": {


@ -256,6 +256,12 @@
"$ref": "#/definitions/space.CreateSpaceResponse"
}
},
"400": {
"description": "Bad request",
"schema": {
"$ref": "#/definitions/util.ValidationError"
}
},
"403": {
"description": "Unauthorized",
"schema": {


@ -483,6 +483,10 @@ paths:
description: Space created successfully
schema:
$ref: '#/definitions/space.CreateSpaceResponse'
"400":
description: Bad request
schema:
$ref: '#/definitions/util.ValidationError'
"403":
description: Unauthorized
schema:


@ -98,7 +98,8 @@ func CreateObjectHandler(s *ObjectService) gin.HandlerFunc {
request := CreateObjectRequest{}
if err := c.BindJSON(&request); err != nil {
c.JSON(http.StatusBadRequest, util.CodeToAPIError(http.StatusBadRequest, ErrBadInput.Error()))
apiErr := util.CodeToAPIError(http.StatusBadRequest, err.Error())
c.JSON(http.StatusBadRequest, apiErr)
return
}
@ -140,7 +141,8 @@ func UpdateObjectHandler(s *ObjectService) gin.HandlerFunc {
request := UpdateObjectRequest{}
if err := c.BindJSON(&request); err != nil {
c.JSON(http.StatusBadRequest, util.CodeToAPIError(http.StatusBadRequest, ErrBadInput.Error()))
apiErr := util.CodeToAPIError(http.StatusBadRequest, err.Error())
c.JSON(http.StatusBadRequest, apiErr)
return
}
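Review bot: Both bind-failure branches now send `err.Error()` to the client (CreateObjectHandler and UpdateObjectHandler here, and CreateSpaceHandler in the space handler section), which exposes raw decoder and validator text, such as Go struct and field names, to any caller of the API. Keep that detail in the server log and return a fixed message, e.g. `util.CodeToAPIError(http.StatusBadRequest, ErrBadInput.Error())` as before, or a sanitized per-field message. Separately, gin's `c.BindJSON` already aborts the request with 400 on failure; `c.ShouldBindJSON(&request)` is the variant intended for handlers that write their own error body. Both handler bodies continue outside the hunks.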


@ -10,12 +10,6 @@ import (
"github.com/anyproto/anytype-heart/core/anytype/account"
)
// TODO: User represents an authenticated user with permissions
type User struct {
ID string
Permissions string // "read-only" or "read-write"
}
// initAccountInfo retrieves the account information from the account service.
func (s *Server) initAccountInfo() gin.HandlerFunc {
return func(c *gin.Context) {
@ -39,43 +33,16 @@ func (s *Server) initAccountInfo() gin.HandlerFunc {
}
}
// TODO: AuthMiddleware ensures the user is authenticated.
func (s *Server) AuthMiddleware() gin.HandlerFunc {
// ensureAuthenticated is a middleware that ensures the request is authenticated.
func (s *Server) ensureAuthenticated() gin.HandlerFunc {
return func(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
// token := c.GetHeader("Authorization")
// if token == "" {
// c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
// return
// }
// TODO: Validate the token and retrieve user information; this is mock example
user := &User{
ID: "user123",
Permissions: "read-only", // or "read-only"
}
// Add the user to the context
c.Set("user", user)
c.Next()
}
}
// TODO: PermissionMiddleware ensures the user has the required permissions.
func (s *Server) PermissionMiddleware(requiredPermission string) gin.HandlerFunc {
return func(c *gin.Context) {
user, exists := c.Get("user")
if !exists {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
u := user.(*User)
if requiredPermission == "read-write" && u.Permissions != "read-write" {
c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Forbidden: write access required"})
return
}
// For read-only access, both "read-only" and "read-write" permissions are acceptable
c.Next()
}
}
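Review bot: As rendered, ensureAuthenticated no longer checks anything: the `Authorization` header guard survives only as commented-out lines and the handler goes straight to `c.Next()`, so every route behind this middleware is reachable without a credential despite the name. Until real token validation lands, keep the guard active so the middleware fails closed, `if c.GetHeader("Authorization") == "" { c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"}); return }`, and replace the commented block with a TODO stating that tokens are not yet verified. With PermissionMiddleware removed as well, nothing visible here distinguishes read-only from read-write callers; if any route relied on it, that needs a replacement before the API is exposed beyond local testing. The old/new side of individual lines is inferred from the hunk counts, since the page has lost its +/- markers.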


@ -52,6 +52,7 @@ func GetSpacesHandler(s *SpaceService) gin.HandlerFunc {
// @Produce json
// @Param name body string true "Space Name"
// @Success 200 {object} CreateSpaceResponse "Space created successfully"
// @Failure 400 {object} util.ValidationError "Bad request"
// @Failure 403 {object} util.UnauthorizedError "Unauthorized"
// @Failure 502 {object} util.ServerError "Internal server error"
// @Router /spaces [post]
@ -59,12 +60,12 @@ func CreateSpaceHandler(s *SpaceService) gin.HandlerFunc {
return func(c *gin.Context) {
nameRequest := CreateSpaceRequest{}
if err := c.BindJSON(&nameRequest); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"message": "Invalid JSON"})
apiErr := util.CodeToAPIError(http.StatusBadRequest, err.Error())
c.JSON(http.StatusBadRequest, apiErr)
return
}
name := nameRequest.Name
space, err := s.CreateSpace(c.Request.Context(), name)
space, err := s.CreateSpace(c.Request.Context(), nameRequest.Name)
code := util.MapErrorCode(err,
util.ErrToCode(ErrFailedCreateSpace, http.StatusInternalServerError),
)
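Review bot: The annotation block this commit extends still documents `@Failure 502 {object} util.ServerError "Internal server error"`, while the visible mapping in CreateSpaceHandler sends ErrFailedCreateSpace to `http.StatusInternalServerError` (500). It also labels 403 as "Unauthorized", where 401 is the usual status for a missing or invalid credential. Because the swagger files are generated from these comments, API clients are told the wrong codes; suggest `// @Failure 500 {object} util.ServerError "Internal server error"` and aligning the 401/403 wording with what the auth middleware actually returns. The handler body continues outside the hunk, so the status finally written is not visible here.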