gargantext / haskell-gargantext
Commit fb894d00, authored Oct 02, 2023 by Alfredo Di Napoli
Protect the TreeAPI
parent 4e054277
Pipeline #4644 failed with stages in 55 minutes and 22 seconds
Showing 3 changed files with 23 additions and 5 deletions
src/Gargantext/API/Admin/Auth.hs +17 -0
src/Gargantext/API/Routes.hs +5 -4
test/Test/API/Private.hs +1 -1
src/Gargantext/API/Admin/Auth.hs
...
...
@@ -31,6 +31,7 @@ And you have the main viz
module
Gargantext.API.Admin.Auth
(
auth
,
withPolicy
,
withPolicyT
,
forgotPassword
,
forgotPasswordAsync
,
withAccess
...
...
@@ -177,6 +178,22 @@ withPolicy ur checks m mgr = case mgr of
Allow
->
m
Deny
err
->
throwError
$
GargServerError
$
err
withPolicyT
::
forall
env
m
api
.
(
GargServerC
env
GargError
m
,
HasServer
api
'[
]
)
=>
Proxy
api
->
Proxy
m
->
AuthenticatedUser
->
BoolExpr
AccessCheck
->
ServerT
api
m
->
AccessPolicyManager
->
ServerT
api
m
withPolicyT
p
_
ur
checks
m0
mgr
=
hoistServer
p
f
m0
where
f
::
forall
a
.
m
a
->
m
a
f
m
=
withPolicy
ur
checks
m
mgr
{- | Collaborative Schema
User at his root can create Teams Folder
User can create Team in Teams Folder.
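Review bot: the new exported withPolicyT has no Haddock comment; please document above its signature that it applies withPolicy to every handler of `api` through hoistServer, so a Deny surfaces as the same GargServerError that withPolicy throws. Two smaller points in the same definition: the `Proxy m` argument is bound to `_` and exists only to fix the monad type, which deserves a mention in that comment, and the local `f m = withPolicy ur checks m mgr` reuses the name `m` for a term while `m` is also the type variable in `f :: forall a. m a -> m a`; renaming the term (for example to `action`) would read more clearly.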
...
...
src/Gargantext/API/Routes.hs
...
...
@@ -14,6 +14,7 @@ Portability : POSIX
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE TypeOperators #-}
{-# LANGUAGE TypeApplications #-}
module
Gargantext.API.Routes
where
...
...
@@ -27,7 +28,7 @@ import Servant.Auth as SA
import
Servant.Auth.Swagger
()
import
Servant.Swagger.UI
import
Gargantext.API.Admin.Auth
(
ForgotPasswordAPI
,
ForgotPasswordAsyncAPI
,
withAccess
)
import
Gargantext.API.Admin.Auth
(
ForgotPasswordAPI
,
ForgotPasswordAsyncAPI
,
withAccess
,
withPolicyT
)
import
Gargantext.API.Admin.Auth.Types
(
AuthRequest
,
AuthResponse
,
AuthenticatedUser
(
..
),
PathId
(
..
))
import
Gargantext.API.Admin.EnvTypes
(
Env
,
GargJob
(
..
))
import
Gargantext.API.Admin.FrontEnd
(
FrontEndAPI
)
...
...
@@ -55,6 +56,7 @@ import qualified Gargantext.API.Node.Corpus.New as New
import
qualified
Gargantext.API.Node.Document.Export
as
DocumentExport
import
qualified
Gargantext.API.Node.Document.Export.Types
as
DocumentExport
import
qualified
Gargantext.API.Public
as
Public
import
Gargantext.API.Auth.PolicyCheck
type
GargAPI
=
MkGargAPI
(
GargAPIVersion
GargAPI'
)
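Review bot: `import Gargantext.API.Auth.PolicyCheck` is an open import, while the neighbouring imports in this hunk are qualified and the Gargantext.API.Admin.* imports earlier in this file carry explicit lists. An explicit import list naming only what Routes.hs uses from that module would make it obvious where the policy names referenced further down this file come from, which matters for code that decides access.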
...
...
@@ -170,7 +172,7 @@ type GargPrivateAPI' =
-- Tree endpoint
:<|>
"tree"
:>
Summary
"Tree endpoint"
:>
Capture
"tree_id"
NodeId
:>
TreeAPI
:>
PolicyChecked
TreeAPI
-- Flat tree endpoint
:<|>
"treeflat"
:>
Summary
"Flat tree endpoint"
:>
Capture
"tree_id"
NodeId
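Review bot: only the "tree" route gets `PolicyChecked`; the "treeflat" route in the trailing context takes the same `Capture "tree_id" NodeId` and is left unchanged, and the server definition later in Routes.hs still serves it through withAccess. If the flat tree is meant to follow the same policy, wrap TreeFlatAPI in PolicyChecked in this commit, or add a comment next to the route saying the migration is pending, so the two node-scoped tree endpoints do not silently diverge in how access is decided.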
...
...
@@ -262,8 +264,7 @@ serverPrivateGargAPI' authenticatedUser@(AuthenticatedUser (NodeId uid))
:<|>
withAccess
(
Proxy
::
Proxy
GraphAPI
)
Proxy
authenticatedUser
<$>
PathNode
<*>
graphAPI
uid
-- TODO: mock
:<|>
withAccess
(
Proxy
::
Proxy
TreeAPI
)
Proxy
authenticatedUser
<$>
PathNode
<*>
treeAPI
:<|>
(
\
nodeId
->
withPolicyT
(
Proxy
@
TreeAPI
)
Proxy
authenticatedUser
(
nodeChecks
nodeId
)
(
treeAPI
nodeId
))
:<|>
withAccess
(
Proxy
::
Proxy
TreeFlatAPI
)
Proxy
authenticatedUser
<$>
PathNode
<*>
treeFlatAPI
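Review bot: on the tree handler the `withAccess (Proxy :: Proxy TreeAPI) Proxy authenticatedUser <$> PathNode <*> treeAPI` guard is removed rather than kept alongside the new check, so access to the tree route now depends entirely on `nodeChecks nodeId`, whose definition is not part of this diff. Please confirm, ideally in a comment above the lambda, that nodeChecks covers at least what the PathNode check enforced. withPolicyT is also applied here without its final AccessPolicyManager argument, so each handler is a function still awaiting the manager; a short comment saying where that manager comes from would help readers of this server definition.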
...
...
test/Test/API/Private.hs
...
...
@@ -143,4 +143,4 @@ tests = sequential $ aroundAll withTestDBAndPort $ do
withApplication
app
$
do
withValidLogin
port
"alice"
(
GargPassword
"alice"
)
$
\
token
->
do
protected
token
"GET"
(
mkUrl
port
"/tree/1"
)
""
`
shouldRespondWith
`
[
json
|
{}
|]
`
shouldRespondWith
`
403
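Review bot: the assertion for alice on "/tree/1" is switched to 403, which leaves the tree endpoint with only a denial test in this hunk. A policy that denied every request would pass it, so add a companion case in which the logged-in user requests a tree they are allowed to read and the response is a success, plus a comment stating why node 1 is off-limits to alice.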