diff options
| author | Martin Fischer <martin@push-f.com> | 2021-06-24 17:45:54 +0200 |
|---|---|---|
| committer | Martin Fischer <martin@push-f.com> | 2021-06-24 18:02:30 +0200 |
| commit | d49d835e63ec654e3a5bf75b3b365354460382e8 (patch) | |
| tree | 4fc823707248f770b8595b5537bef7a75e503335 /src/post_routes.rs | |
| parent | 0bb0af08c3fb7e100e5451e636719ce367fe1138 (diff) | |
refactor: simplify Controller request interception
In multi-user mode if Alice attempts to access /~bob/ she would get an
Unauthorized error since branches are private. To improve the UX we
instead already showed Alice a list of which files Bob has shared with
her. Previously this was achieved with an before_return_error hook
in the Controller trait.
While this worked fine, it wasn't elegant, since it required passing
the Context struct in all Unauthorized errors, so that the
before_return_error hook could access the context.
This commit refactors the code to intercept requests to paths like
/~bob/ before the regular request handling instead of afterwards.
While this could have been implemented in the before_route hook, this
would have required either invoking parse_url_path a second time or
passing the Result of parse_url_path, both of which would be akward.
Therefore this commit also merges before_route into parse_url_path.
Diffstat (limited to 'src/post_routes.rs')
| -rw-r--r-- | src/post_routes.rs | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/src/post_routes.rs b/src/post_routes.rs index 311ee57..0374cae 100644 --- a/src/post_routes.rs +++ b/src/post_routes.rs @@ -111,7 +111,6 @@ async fn update_blob<C: Controller>( if !controller.may_write_path(&ctx) { return Err(Error::Unauthorized( "you are not authorized to edit this file".into(), - ctx, )); } let mut data: EditForm = body.into_form().await?; @@ -162,7 +161,6 @@ async fn upload_blob<C: Controller>( if !controller.may_write_path(&ctx) { return Err(Error::Unauthorized( "you are not authorized to edit this file".into(), - ctx, )); } // Extract the `multipart/form-data` boundary from the headers. @@ -206,7 +204,6 @@ async fn move_entry<C: Controller>( if !controller.may_move_path(&ctx) { return Err(Error::Unauthorized( "you are not authorized to move this file".into(), - ctx, )); } let mut data: MoveForm = body.into_form().await?; @@ -288,7 +285,6 @@ async fn remove_entry<C: Controller>( if !controller.may_move_path(&ctx) { return Err(Error::Unauthorized( "you are not authorized to remove this file".into(), - ctx, )); } let data: RemoveForm = body.into_form().await?; @@ -324,7 +320,6 @@ async fn diff_blob<C: Controller>( if !controller.may_write_path(&ctx) { return Err(Error::Unauthorized( "you are not authorized to edit this file".into(), - ctx, )); } |