Moved the forum permission cascade logic into its own function.

Removed some redundant queries.
Refactored the router generator.
Azareal 2017-10-31 07:26:44 +00:00
parent ca83771eb4
commit 0361310eb2
8 changed files with 72 additions and 102 deletions


@ -7,7 +7,6 @@ import "log"
import "database/sql"
// nolint
var getUserStmt *sql.Stmt
var getReplyStmt *sql.Stmt
var getUserReplyStmt *sql.Stmt
var getPasswordStmt *sql.Stmt
@ -22,7 +21,6 @@ var getPluginsStmt *sql.Stmt
var getThemesStmt *sql.Stmt
var getWidgetsStmt *sql.Stmt
var isPluginActiveStmt *sql.Stmt
var getUsersStmt *sql.Stmt
var getUsersOffsetStmt *sql.Stmt
var getWordFiltersStmt *sql.Stmt
var isThemeDefaultStmt *sql.Stmt
@ -128,13 +126,6 @@ func _gen_mssql() (err error) {
log.Print("Building the generated statements")
}
log.Print("Preparing getUser statement.")
getUserStmt, err = db.Prepare("SELECT [name],[group],[is_super_admin],[avatar],[message],[url_prefix],[url_name],[level] FROM [users] WHERE [uid] = ?1")
if err != nil {
log.Print("Bad Query: ","SELECT [name],[group],[is_super_admin],[avatar],[message],[url_prefix],[url_name],[level] FROM [users] WHERE [uid] = ?1")
return err
}
log.Print("Preparing getReply statement.")
getReplyStmt, err = db.Prepare("SELECT [tid],[content],[createdBy],[createdAt],[lastEdit],[lastEditBy],[ipaddress],[likeCount] FROM [replies] WHERE [rid] = ?1")
if err != nil {
@ -233,13 +224,6 @@ func _gen_mssql() (err error) {
return err
}
log.Print("Preparing getUsers statement.")
getUsersStmt, err = db.Prepare("SELECT [uid],[name],[group],[active],[is_super_admin],[avatar] FROM [users]")
if err != nil {
log.Print("Bad Query: ","SELECT [uid],[name],[group],[active],[is_super_admin],[avatar] FROM [users]")
return err
}
log.Print("Preparing getUsersOffset statement.")
getUsersOffsetStmt, err = db.Prepare("SELECT [uid],[name],[group],[active],[is_super_admin],[avatar] FROM [users] ORDER BY uid ASC OFFSET ?1 ROWS FETCH NEXT ?2 ROWS ONLY")
if err != nil {


@ -9,7 +9,6 @@ import "database/sql"
//import "./query_gen/lib"
// nolint
var getUserStmt *sql.Stmt
var getReplyStmt *sql.Stmt
var getUserReplyStmt *sql.Stmt
var getPasswordStmt *sql.Stmt
@ -24,7 +23,6 @@ var getPluginsStmt *sql.Stmt
var getThemesStmt *sql.Stmt
var getWidgetsStmt *sql.Stmt
var isPluginActiveStmt *sql.Stmt
var getUsersStmt *sql.Stmt
var getUsersOffsetStmt *sql.Stmt
var getWordFiltersStmt *sql.Stmt
var isThemeDefaultStmt *sql.Stmt
@ -130,12 +128,6 @@ func _gen_mysql() (err error) {
log.Print("Building the generated statements")
}
log.Print("Preparing getUser statement.")
getUserStmt, err = db.Prepare("SELECT `name`,`group`,`is_super_admin`,`avatar`,`message`,`url_prefix`,`url_name`,`level` FROM `users` WHERE `uid` = ?")
if err != nil {
return err
}
log.Print("Preparing getReply statement.")
getReplyStmt, err = db.Prepare("SELECT `tid`,`content`,`createdBy`,`createdAt`,`lastEdit`,`lastEditBy`,`ipaddress`,`likeCount` FROM `replies` WHERE `rid` = ?")
if err != nil {
@ -220,12 +212,6 @@ func _gen_mysql() (err error) {
return err
}
log.Print("Preparing getUsers statement.")
getUsersStmt, err = db.Prepare("SELECT `uid`,`name`,`group`,`active`,`is_super_admin`,`avatar` FROM `users`")
if err != nil {
return err
}
log.Print("Preparing getUsersOffset statement.")
getUsersOffsetStmt, err = db.Prepare("SELECT `uid`,`name`,`group`,`active`,`is_super_admin`,`avatar` FROM `users` ORDER BY uid ASC LIMIT ?,?")
if err != nil {


@ -650,6 +650,7 @@ func routeBanSubmit(w http.ResponseWriter, r *http.Request, user User) RouteErro
return InternalError(err, w, r)
}
// TODO: Is there a difference between IsMod and IsSuperMod? Should we delete the redundant one?
if targetUser.IsSuperAdmin || targetUser.IsAdmin || targetUser.IsMod {
return LocalError("You may not ban another staff member.", w, r, user)
}
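Review bot: The TODO added above the staff check in routeBanSubmit does not say which flag the guard relies on, so a reader cannot tell whether `targetUser.IsMod` also covers super moderators. If `IsSuperMod` is a separate flag (its definition is not visible in this hunk), an account carrying only that flag would pass this check and the ban would proceed. I would make the comment state the assumption, for example `// TODO: IsMod is assumed to be set for super mods as well; confirm, then drop the redundant flag`, or add the flag to the condition until that is settled. The rest of routeBanSubmit lies outside the hunk.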


@ -835,8 +835,6 @@ func routePanelPlugins(w http.ResponseWriter, r *http.Request, user User) RouteE
var pluginList []interface{}
for _, plugin := range plugins {
//log.Print("plugin.Name ", plugin.Name)
//log.Print("plugin.Installed ", plugin.Installed)
pluginList = append(pluginList, plugin)
}
@ -1047,6 +1045,7 @@ func routePanelUsers(w http.ResponseWriter, r *http.Request, user User) RouteErr
offset, page, lastPage := pageOffset(stats.Users, page, perPage)
var userList []User
// TODO: Move this into the UserStore
rows, err := getUsersOffsetStmt.Query(offset, perPage)
if err != nil {
return InternalError(err, w, r)


@ -220,16 +220,13 @@ func seedTables(adapter qgen.DB_Adapter) error {
}
func writeSelects(adapter qgen.DB_Adapter) error {
// url_prefix and url_name will be removed from this query in a later commit
adapter.SimpleSelect("getUser", "users", "name, group, is_super_admin, avatar, message, url_prefix, url_name, level", "uid = ?", "", "")
// Looking for getTopic? Your statement is in another castle
adapter.SimpleSelect("getReply", "replies", "tid, content, createdBy, createdAt, lastEdit, lastEditBy, ipaddress, likeCount", "rid = ?", "", "")
adapter.SimpleSelect("getUserReply", "users_replies", "uid, content, createdBy, createdAt, lastEdit, lastEditBy, ipaddress", "rid = ?", "", "")
adapter.SimpleSelect("getPassword", "users", "password,salt", "uid = ?", "", "")
adapter.SimpleSelect("getPassword", "users", "password, salt", "uid = ?", "", "")
adapter.SimpleSelect("getSettings", "settings", "name, content, type", "", "", "")
@ -255,8 +252,6 @@ func writeSelects(adapter qgen.DB_Adapter) error {
//adapter.SimpleSelect("isPluginInstalled","plugins","installed","uname = ?","","")
adapter.SimpleSelect("getUsers", "users", "uid, name, group, active, is_super_admin, avatar", "", "", "")
adapter.SimpleSelect("getUsersOffset", "users", "uid, name, group, active, is_super_admin, avatar", "", "uid ASC", "?,?")
adapter.SimpleSelect("getWordFilters", "word_filters", "wfid, find, replacement", "", "", "")
@ -305,6 +300,7 @@ func writeLeftJoins(adapter qgen.DB_Adapter) error {
adapter.SimpleLeftJoin("getTopicList", "topics", "users", "topics.tid, topics.title, topics.content, topics.createdBy, topics.is_closed, topics.sticky, topics.createdAt, topics.parentID, users.name, users.avatar", "topics.createdBy = users.uid", "", "topics.sticky DESC, topics.lastReplyAt DESC, topics.createdBy DESC", "")
// TODO: Can we get rid of this?
adapter.SimpleLeftJoin("getTopicUser", "topics", "users", "topics.title, topics.content, topics.createdBy, topics.createdAt, topics.is_closed, topics.sticky, topics.parentID, topics.ipaddress, topics.postCount, topics.likeCount, users.name, users.avatar, users.group, users.url_prefix, users.url_name, users.level", "topics.createdBy = users.uid", "tid = ?", "", "")
adapter.SimpleLeftJoin("getTopicByReply", "replies", "topics", "topics.tid, topics.title, topics.content, topics.createdBy, topics.createdAt, topics.is_closed, topics.sticky, topics.parentID, topics.ipaddress, topics.postCount, topics.likeCount, topics.data", "replies.tid = topics.tid", "rid = ?", "", "")


@ -6,7 +6,7 @@ import "log"
//import "strings"
import "os"
var routeList []Route
var routeList []*RouteImpl
var routeGroups []*RouteGroup
func main() {
@ -59,7 +59,7 @@ func main() {
}
out += "\n\t\t\tswitch(req.URL.Path) {"
var defaultRoute Route
var defaultRoute = blankRoute()
for _, route := range group.RouteList {
if group.Path == route.Path {
defaultRoute = route


@ -1,6 +1,6 @@
package main
type Route struct {
type RouteImpl struct {
Name string
Path string
Before string
@ -9,15 +9,15 @@ type Route struct {
type RouteGroup struct {
Path string
RouteList []Route
RouteList []*RouteImpl
Before []string
}
func addRoute(fname string, path string, before string, vars ...string) {
routeList = append(routeList, Route{fname, path, before, vars})
routeList = append(routeList, &RouteImpl{fname, path, before, vars})
}
func newRouteGroup(path string, routes ...Route) *RouteGroup {
func newRouteGroup(path string, routes ...*RouteImpl) *RouteGroup {
return &RouteGroup{path, routes, []string{}}
}
@ -29,10 +29,23 @@ func (group *RouteGroup) RunBefore(line string) {
group.Before = append(group.Before, line)
}
func (group *RouteGroup) Routes(routes ...Route) {
func (group *RouteGroup) Routes(routes ...*RouteImpl) {
group.RouteList = append(group.RouteList, routes...)
}
func blankRoute() *RouteImpl {
return &RouteImpl{"", "", "", []string{}}
}
func Route(fname string, path string, args ...string) *RouteImpl {
var before = ""
if len(args) > 0 {
before = args[0]
args = args[1:]
}
return &RouteImpl{fname, path, before, args}
}
func routes() {
//addRoute("default_route","","")
addRoute("routeAPI", "/api/", "")
@ -47,61 +60,64 @@ func routes() {
addRoute("routeShowAttachment", "/attachs/", "", "extra_data")
reportGroup := newRouteGroup("/report/",
Route{"routeReportSubmit", "/report/submit/", "", []string{"extra_data"}},
Route("routeReportSubmit", "/report/submit/", "", "extra_data"),
)
addRouteGroup(reportGroup)
topicGroup := newRouteGroup("/topics/",
Route{"routeTopics", "/topics/", "", []string{}},
Route{"routeTopicCreate", "/topics/create/", "", []string{"extra_data"}},
Route("routeTopics", "/topics/"),
Route("routeTopicCreate", "/topics/create/", "", "extra_data"),
)
addRouteGroup(topicGroup)
// The Control Panel
buildPanelRoutes()
}
func buildPanelRoutes() {
panelGroup := newRouteGroup("/panel/")
panelGroup.RunBefore("SuperModOnly")
panelGroup.Routes(
Route{"routePanel", "/panel/", "", []string{}},
Route{"routePanelForums", "/panel/forums/", "", []string{}},
Route{"routePanelForumsCreateSubmit", "/panel/forums/create/", "", []string{}},
Route{"routePanelForumsDelete", "/panel/forums/delete/", "", []string{"extra_data"}},
Route{"routePanelForumsDeleteSubmit", "/panel/forums/delete/submit/", "", []string{"extra_data"}},
Route{"routePanelForumsEdit", "/panel/forums/edit/", "", []string{"extra_data"}},
Route{"routePanelForumsEditSubmit", "/panel/forums/edit/submit/", "", []string{"extra_data"}},
Route{"routePanelForumsEditPermsSubmit", "/panel/forums/edit/perms/submit/", "", []string{"extra_data"}},
Route("routePanel", "/panel/"),
Route("routePanelForums", "/panel/forums/"),
Route("routePanelForumsCreateSubmit", "/panel/forums/create/"),
Route("routePanelForumsDelete", "/panel/forums/delete/", "", "extra_data"),
Route("routePanelForumsDeleteSubmit", "/panel/forums/delete/submit/", "", "extra_data"),
Route("routePanelForumsEdit", "/panel/forums/edit/", "", "extra_data"),
Route("routePanelForumsEditSubmit", "/panel/forums/edit/submit/", "", "extra_data"),
Route("routePanelForumsEditPermsSubmit", "/panel/forums/edit/perms/submit/", "", "extra_data"),
Route{"routePanelSettings", "/panel/settings/", "", []string{}},
Route{"routePanelSetting", "/panel/settings/edit/", "", []string{"extra_data"}},
Route{"routePanelSettingEdit", "/panel/settings/edit/submit/", "", []string{"extra_data"}},
Route("routePanelSettings", "/panel/settings/"),
Route("routePanelSetting", "/panel/settings/edit/", "", "extra_data"),
Route("routePanelSettingEdit", "/panel/settings/edit/submit/", "", "extra_data"),
Route{"routePanelWordFilters", "/panel/settings/word-filters/", "", []string{}},
Route{"routePanelWordFiltersCreate", "/panel/settings/word-filters/create/", "", []string{}},
Route{"routePanelWordFiltersEdit", "/panel/settings/word-filters/edit/", "", []string{"extra_data"}},
Route{"routePanelWordFiltersEditSubmit", "/panel/settings/word-filters/edit/submit/", "", []string{"extra_data"}},
Route{"routePanelWordFiltersDeleteSubmit", "/panel/settings/word-filters/delete/submit/", "", []string{"extra_data"}},
Route("routePanelWordFilters", "/panel/settings/word-filters/"),
Route("routePanelWordFiltersCreate", "/panel/settings/word-filters/create/"),
Route("routePanelWordFiltersEdit", "/panel/settings/word-filters/edit/", "", "extra_data"),
Route("routePanelWordFiltersEditSubmit", "/panel/settings/word-filters/edit/submit/", "", "extra_data"),
Route("routePanelWordFiltersDeleteSubmit", "/panel/settings/word-filters/delete/submit/", "", "extra_data"),
Route{"routePanelThemes", "/panel/themes/", "", []string{}},
Route{"routePanelThemesSetDefault", "/panel/themes/default/", "", []string{"extra_data"}},
Route("routePanelThemes", "/panel/themes/"),
Route("routePanelThemesSetDefault", "/panel/themes/default/", "", "extra_data"),
Route{"routePanelPlugins", "/panel/plugins/", "", []string{}},
Route{"routePanelPluginsActivate", "/panel/plugins/activate/", "", []string{"extra_data"}},
Route{"routePanelPluginsDeactivate", "/panel/plugins/deactivate/", "", []string{"extra_data"}},
Route{"routePanelPluginsInstall", "/panel/plugins/install/", "", []string{"extra_data"}},
Route("routePanelPlugins", "/panel/plugins/"),
Route("routePanelPluginsActivate", "/panel/plugins/activate/", "", "extra_data"),
Route("routePanelPluginsDeactivate", "/panel/plugins/deactivate/", "", "extra_data"),
Route("routePanelPluginsInstall", "/panel/plugins/install/", "", "extra_data"),
Route{"routePanelUsers", "/panel/users/", "", []string{}},
Route{"routePanelUsersEdit", "/panel/users/edit/", "", []string{"extra_data"}},
Route{"routePanelUsersEditSubmit", "/panel/users/edit/submit/", "", []string{"extra_data"}},
Route("routePanelUsers", "/panel/users/"),
Route("routePanelUsersEdit", "/panel/users/edit/", "", "extra_data"),
Route("routePanelUsersEditSubmit", "/panel/users/edit/submit/", "", "extra_data"),
Route{"routePanelGroups", "/panel/groups/", "", []string{}},
Route{"routePanelGroupsEdit", "/panel/groups/edit/", "", []string{"extra_data"}},
Route{"routePanelGroupsEditPerms", "/panel/groups/edit/perms/", "", []string{"extra_data"}},
Route{"routePanelGroupsEditSubmit", "/panel/groups/edit/submit/", "", []string{"extra_data"}},
Route{"routePanelGroupsEditPermsSubmit", "/panel/groups/edit/perms/submit/", "", []string{"extra_data"}},
Route{"routePanelGroupsCreateSubmit", "/panel/groups/create/", "", []string{}},
Route("routePanelGroups", "/panel/groups/"),
Route("routePanelGroupsEdit", "/panel/groups/edit/", "", "extra_data"),
Route("routePanelGroupsEditPerms", "/panel/groups/edit/perms/", "", "extra_data"),
Route("routePanelGroupsEditSubmit", "/panel/groups/edit/submit/", "", "extra_data"),
Route("routePanelGroupsEditPermsSubmit", "/panel/groups/edit/perms/submit/", "", "extra_data"),
Route("routePanelGroupsCreateSubmit", "/panel/groups/create/"),
Route{"routePanelBackups", "/panel/backups/", "", []string{"extra_data"}},
Route{"routePanelLogsMod", "/panel/logs/mod/", "", []string{}},
Route{"routePanelDebug", "/panel/debug/", "", []string{}},
Route("routePanelBackups", "/panel/backups/", "", "extra_data"),
Route("routePanelLogsMod", "/panel/logs/mod/"),
Route("routePanelDebug", "/panel/debug/"),
)
addRouteGroup(panelGroup)
}
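Review bot: The new `Route` helper takes the Before hook as the first of its variadic arguments, so a call such as `Route("routeX", "/x/", "extra_data")` compiles and silently treats `extra_data` as the hook while passing no variables. This file feeds the router generator, and Before values appear to become pre-handler checks (the panel group registers `SuperModOnly` through `RunBefore`), so a misplaced argument would reach the generated routing code without any error. The helper has no doc comment; I would add `// Route builds a *RouteImpl. The first optional argument is the Before hook (pass "" for none); any further arguments are the route's variables.` Calls with no extra arguments now also store a nil slice where the old literals stored `[]string{}`, which only matters if the generator distinguishes the two.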


@ -73,24 +73,7 @@ func simpleForumUserCheck(w http.ResponseWriter, r *http.Request, user *User, fi
}
fperms := group.Forums[fid]
if fperms.Overrides && !user.IsSuperAdmin {
user.Perms.ViewTopic = fperms.ViewTopic
user.Perms.LikeItem = fperms.LikeItem
user.Perms.CreateTopic = fperms.CreateTopic
user.Perms.EditTopic = fperms.EditTopic
user.Perms.DeleteTopic = fperms.DeleteTopic
user.Perms.CreateReply = fperms.CreateReply
user.Perms.EditReply = fperms.EditReply
user.Perms.DeleteReply = fperms.DeleteReply
user.Perms.PinTopic = fperms.PinTopic
user.Perms.CloseTopic = fperms.CloseTopic
if len(fperms.ExtData) != 0 {
for name, perm := range fperms.ExtData {
user.PluginPerms[name] = perm
}
}
}
cascadeForumPerms(fperms, user)
return headerLite, nil
}
@ -119,6 +102,12 @@ func forumUserCheck(w http.ResponseWriter, r *http.Request, user *User, fid int)
fperms := group.Forums[fid]
//log.Printf("user.Perms: %+v\n", user.Perms)
//log.Printf("fperms: %+v\n", fperms)
cascadeForumPerms(fperms, user)
return headerVars, ferr
}
// TODO: Put this on the user instance? Do we really want forum specific logic in there? Maybe, a method which spits a new pointer with the same contents as user?
func cascadeForumPerms(fperms ForumPerms, user *User) {
if fperms.Overrides && !user.IsSuperAdmin {
user.Perms.ViewTopic = fperms.ViewTopic
user.Perms.LikeItem = fperms.LikeItem
@ -137,7 +126,6 @@ func forumUserCheck(w http.ResponseWriter, r *http.Request, user *User, fid int)
}
}
}
return headerVars, ferr
}
// Even if they have the right permissions, the control panel is only open to supermods+. There are many areas without subpermissions which assume that the current user is a supermod+ and admins are extremely unlikely to give these permissions to someone who isn't at-least a supermod to begin with
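Review bot: `cascadeForumPerms` writes the forum's overrides straight into the `*User` it is given, so the per-forum permission set outlives the check that computed it. If that pointer comes from a shared or cached user object (where the callers get `user` is not visible here), overrides from one forum can carry into later requests for other forums. The plugin-permission map write shown in the removed copy (`user.PluginPerms[name] = perm`) would then be an unsynchronised write to shared state. The TODO hints at this; I would at least document the contract above the function, for example `// cascadeForumPerms overwrites user.Perms with the forum's overrides unless the user is a super admin. It mutates user in place, so callers must pass a per-request copy.` The function body is split across two hunks and its middle is not shown.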