Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
H
haskell-gargantext
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Przemyslaw Kaminski
haskell-gargantext
Commits
15016170
Commit
15016170
authored
Jun 14, 2022
by
Karen Konou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[GQL] Team management authorization check
parent
d9a0e617
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
7 deletions
+26
-7
Team.hs
src/Gargantext/API/GraphQL/Team.hs
+26
-7
No files found.
src/Gargantext/API/GraphQL/Team.hs
View file @
15016170
...
...
@@ -13,16 +13,23 @@ import Gargantext.Core.Types (NodeId(..), unNodeId)
import
Gargantext.Database.Prelude
(
HasConnectionPool
)
import
Gargantext.Database
(
HasConfig
)
import
Gargantext.Core.Mail.Types
(
HasMail
)
import
Gargantext.Database.Query.Table.Node
(
getNode
)
import
Gargantext.API.GraphQL.Utils
(
authUser
,
AuthStatus
(
Invalid
,
Valid
))
import
Gargantext.Database.Schema.Node
(
NodePoly
(
Node
,
_node_id
),
_node_user_id
)
import
Gargantext.API.Admin.Types
(
HasSettings
)
import
Gargantext.Database.Query.Table.User
(
getUsersWithNodeHyperdata
)
data
TeamArgs
=
TeamArgs
import
qualified
Data.Text
as
T
data
TeamArgs
=
TeamArgs
{
team_node_id
::
Int
}
deriving
(
Generic
,
GQLType
)
data
TeamMember
=
TeamMember
data
TeamMember
=
TeamMember
{
username
::
Text
,
shared_folder_id
::
Int
}
deriving
(
Generic
,
GQLType
)
data
TeamDeleteMArgs
=
TeamDeleteMArgs
data
TeamDeleteMArgs
=
TeamDeleteMArgs
{
token
::
Text
,
shared_folder_id
::
Int
,
team_node_id
::
Int
...
...
@@ -49,7 +56,19 @@ dbTeam nodeId = do
shared_folder_id
=
unNodeId
fId
}
-- TODO: authorization check, list argument
deleteTeamMembership
::
(
HasConnectionPool
env
,
HasConfig
env
,
HasMail
env
)
=>
TeamDeleteMArgs
->
GqlM'
e
env
[
Int
]
deleteTeamMembership
TeamDeleteMArgs
{
shared_folder_id
,
team_node_id
}
=
do
lift
$
deleteMemberShip
[(
NodeId
shared_folder_id
,
NodeId
team_node_id
)]
\ No newline at end of file
-- TODO: list as argument
deleteTeamMembership
::
(
HasConnectionPool
env
,
HasConfig
env
,
HasMail
env
,
HasSettings
env
)
=>
TeamDeleteMArgs
->
GqlM'
e
env
[
Int
]
deleteTeamMembership
TeamDeleteMArgs
{
token
,
shared_folder_id
,
team_node_id
}
=
do
teamNode
<-
lift
$
getNode
$
NodeId
team_node_id
userNodes
<-
lift
(
getUsersWithNodeHyperdata
$
uId
teamNode
)
case
userNodes
of
[]
->
panic
$
"[deleteTeamMembership] User with id "
<>
T
.
pack
(
show
$
uId
teamNode
)
<>
" doesn't exist."
((
_
,
node_u
)
:
_
)
->
do
testAuthUser
<-
lift
$
authUser
(
nId
node_u
)
token
case
testAuthUser
of
Invalid
->
panic
"[deleteTeamMembership] failed to validate user"
Valid
->
do
lift
$
deleteMemberShip
[(
NodeId
shared_folder_id
,
NodeId
team_node_id
)]
where
uId
Node
{
_node_user_id
}
=
_node_user_id
nId
Node
{
_node_id
}
=
_node_id
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment