From ca17d60709f9d747c423a29a49e2c2c5f93797be Mon Sep 17 00:00:00 2001 From: Andrea Fazzi Date: Fri, 24 Jan 2020 07:15:23 +0100 Subject: [PATCH] Refactoring handlers --- handlers/handlers.go | 122 ++++++++++++++++++------------------------- 1 file changed, 52 insertions(+), 70 deletions(-) diff --git a/handlers/handlers.go b/handlers/handlers.go index 2451f7ad..56ea9055 100644 --- a/handlers/handlers.go +++ b/handlers/handlers.go @@ -253,6 +253,10 @@ func (h *Handlers) cookieExtractor(r *http.Request) (string, error) { return string(token), nil } +func getClaims(r *http.Request) jwt.MapClaims { + return r.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims) +} + func DefaultRecoverHandler(next http.Handler) http.Handler { fn := func(w http.ResponseWriter, r *http.Request) { defer func() { @@ -280,7 +284,10 @@ func (h *Handlers) setFlashMessage(w http.ResponseWriter, r *http.Request, key s return nil } -func (h *Handlers) hasPermission(role, path string) bool { +func (h *Handlers) hasPermission(r *http.Request, path string) bool { + claims := getClaims(r) + role := claims["role"].(string) + if h.permissions[role] == nil { return false } @@ -288,61 +295,48 @@ func (h *Handlers) hasPermission(role, path string) bool { return h.permissions[role][path] } +func (h *Handlers) callModelFunc(w http.ResponseWriter, r *http.Request, model string, pattern config.PathPattern) (interface{}, error) { + fn, err := h.Database.GetFunc(pattern.Path(model)) + if err != nil { + return nil, err + } + if !h.hasPermission(r, pattern.Path(model)) { + return nil, errors.NotAuthorized + } + data, err := fn(h.Database, mux.Vars(r), w, r) + if err != nil { + return nil, err + } + + return data, nil +} + func (h *Handlers) get(w http.ResponseWriter, r *http.Request, model string, pattern config.PathPattern) error { - format := r.URL.Query().Get("format") - getFn, err := h.Database.GetFunc(pattern.Path(model)) + data, err := h.callModelFunc(w, r, model, pattern) if err != nil { return err - } else { - claims := r.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims) - role := claims["role"].(string) - if !h.hasPermission(role, pattern.Path(model)) { - return errors.NotAuthorized - } else { - data, err := getFn(h.Database, mux.Vars(r), w, r) - if err != nil { - h.Renderer[format].Render(w, r, h.CookieStore, err) - } else { - h.Renderer[format].Render(w, r, h.CookieStore, data, r.URL.Query()) - } - } } + format := r.URL.Query().Get("format") + h.Renderer[format].Render(w, r, h.CookieStore, data, r.URL.Query()) return nil } func (h *Handlers) post(w http.ResponseWriter, r *http.Request, model string, pattern config.PathPattern) error { - var ( - data interface{} - err error - ) - - respFormat := renderer.GetContentFormat(r) - postFn, err := h.Database.GetFunc(pattern.Path(model)) - + data, err := h.callModelFunc(w, r, model, pattern) if err != nil { return err - } else { - claims := r.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims) - - role := claims["role"].(string) - if !h.hasPermission(role, pattern.Path(model)) { - return errors.NotAuthorized + } + if pattern.RedirectPattern != "" { + if id := mux.Vars(r)["id"]; id != "" { + modelId, _ := strconv.Atoi(id) + http.Redirect(w, r, pattern.RedirectPath(model, uint(modelId)), http.StatusSeeOther) } else { - data, err = postFn(h.Database, mux.Vars(r), w, r) - if err != nil { - return err - } else if pattern.RedirectPattern != "" { - if id := mux.Vars(r)["id"]; id != "" { - modelId, _ := strconv.Atoi(id) - http.Redirect(w, r, pattern.RedirectPath(model, uint(modelId)), http.StatusSeeOther) - } else { - http.Redirect(w, r, pattern.RedirectPath(model, data.(orm.IDer).GetID()), http.StatusSeeOther) - } - } else { - h.Renderer[respFormat].Render(w, r, h.CookieStore, data.(orm.IDer).GetID()) - } + http.Redirect(w, r, pattern.RedirectPath(model, data.(orm.IDer).GetID()), http.StatusSeeOther) } + } else { + format := renderer.GetContentFormat(r) + h.Renderer[format].Render(w, r, h.CookieStore, data.(orm.IDer).GetID()) } return nil @@ -350,34 +344,21 @@ func (h *Handlers) post(w http.ResponseWriter, r *http.Request, model string, pa } func (h *Handlers) delete(w http.ResponseWriter, r *http.Request, model string, pattern config.PathPattern) error { - var data interface{} + data, err := h.callModelFunc(w, r, model, pattern) + if err != nil { + return err + } + if pattern.RedirectPattern != "" { + var data struct { + RedirectUrl string `json:"redirect_url"` + } + data.RedirectUrl = pattern.RedirectPath(model) - respFormat := renderer.GetContentFormat(r) - - claims := r.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims) - role := claims["role"].(string) - if !h.hasPermission(role, pattern.Path(model)) { - return errors.NotAuthorized + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(data) } else { - postFn, err := h.Database.GetFunc(pattern.Path(model)) - if err != nil { - return err - // h.Renderer[r.URL.Query().Get("format")].Render(w, r, h.CookieStore, err) - } - data, err = postFn(h.Database, mux.Vars(r), w, r) - if err != nil { - return err - } else if pattern.RedirectPattern != "" { - var data struct { - RedirectUrl string `json:"redirect_url"` - } - data.RedirectUrl = pattern.RedirectPath(model) - - w.Header().Set("Content-Type", "application/json") - json.NewEncoder(w).Encode(data) - } else { - h.Renderer[respFormat].Render(w, r, h.CookieStore, data.(orm.IDer).GetID()) - } + format := renderer.GetContentFormat(r) + h.Renderer[format].Render(w, r, h.CookieStore, data.(orm.IDer).GetID()) } return nil @@ -453,7 +434,8 @@ func (h *Handlers) modelHandler(model string, pattern config.PathPattern) handle func DefaultHomeHandler() http.Handler { fn := func(w http.ResponseWriter, r *http.Request) { - claims := r.Context().Value("user").(*jwt.Token).Claims.(jwt.MapClaims) + + claims := getClaims(r) switch claims["role"] {