HTWK/htwkalender
1
1
Fork 0
mirror of https://gitlab.dit.htwk-leipzig.de/htwk-software/htwkalender.git synced 2025-08-02 17:59:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat:#74 added security and refactored api endpoint

Browse Source
This commit is contained in:
masterElmar
2023-11-20 17:10:52 +01:00
parent ef9247c300
commit 426e25bf3e
5 changed files with 27 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
backend/service/addRoute.go
View File

@@ -1,7 +1,6 @@
package service
import (
"htwkalender/model"
"htwkalender/service/events"
"htwkalender/service/fetch"
"htwkalender/service/ical"
@@ -26,6 +25,7 @@ func AddRoutes(app *pocketbase.PocketBase) {
},
Middlewares: []echo.MiddlewareFunc{
apis.ActivityLogger(app),
apis.RequireAdminAuth(),
},
})
if err != nil {
@@ -61,6 +61,7 @@ func AddRoutes(app *pocketbase.PocketBase) {
},
Middlewares: []echo.MiddlewareFunc{
apis.ActivityLogger(app),
apis.RequireAdminAuth(),
},
})
if err != nil {
@@ -212,18 +213,11 @@ func AddRoutes(app *pocketbase.PocketBase) {
app.OnBeforeServe().Add(func(e *core.ServeEvent) error {
_, err := e.Router.AddRoute(echo.Route{
Method: http.MethodPost,
Method: http.MethodGet,
Path: "/api/module",
Handler: func(c echo.Context) error {
var requestModule model.Module
if err := c.Bind(&requestModule); err != nil {
return apis.NewBadRequestError("Failed to read request body", err)
}
module, err := events.GetModuleByName(app, requestModule)
requestModule := c.QueryParam("uuid")
module, err := events.GetModuleByUUID(app, requestModule)
if err != nil {
return c.JSON(400, err)
} else {
@@ -286,7 +280,7 @@ func AddRoutes(app *pocketbase.PocketBase) {
app.OnBeforeServe().Add(func(e *core.ServeEvent) error {
_, err := e.Router.AddRoute(echo.Route{
Method: http.MethodGet,
Path: "/api/feed/migrate",
Path: "/api/feeds/migrate",
Handler: func(c echo.Context) error {
err := ical.MigrateFeedJson(app)

12
backend/service/db/dbEvents.go
View File

@@ -196,6 +196,18 @@ func DeleteAllEvents(app *pocketbase.PocketBase) error {
return nil
}
func FindModuleByUUID(app *pocketbase.PocketBase, uuid string) (model.Module, error) {
var module model.Module
err := app.Dao().DB().Select("*").From("events").Where(dbx.NewExp("uuid = {:uuid}", dbx.Params{"uuid": uuid})).One(&module)
if err != nil {
print("Error while getting events from database: ", err)
return model.Module{}, err
}
return module, nil
}
func FindAllEventsByModule(app *pocketbase.PocketBase, module model.Module) (model.Events, error) {
var events model.Events

7
backend/service/events/eventService.go
View File

@@ -42,11 +42,8 @@ func GetAllModulesDistinct(app *pocketbase.PocketBase, c echo.Context) error {
}
}
// GetModuleByName returns a module by its name
// If the module does not exist, an error is returned
// If the module exists, the module is returned
// Module is a struct that exists in database as events
func GetModuleByName(app *pocketbase.PocketBase, module model.Module) (model.Module, error) {
func GetModuleByUUID(app *pocketbase.PocketBase, uuid string) (model.Module, error) {
module, err := db.FindModuleByUUID(app, uuid)
events, err := db.FindAllEventsByModule(app, module)
if err != nil || len(events) == 0 {