Merge branch 'deny-dupped-relations' into 'master'
add auth to user and relation adding See merge request ZeusWPI/cat!5
This commit is contained in:
commit
6351e4ac79
2 changed files with 5 additions and 5 deletions
|
@ -19,7 +19,7 @@
|
|||
(GET "/" req (show-home req))
|
||||
(GET "/relations_zeroed" [] (show-relations)))
|
||||
|
||||
(defroutes user-routes
|
||||
(defroutes user-routes ;; These are protect inside their respective functions
|
||||
(POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected)
|
||||
(POST "/request_relation" req (create-relation-request req)))
|
||||
|
||||
|
@ -40,7 +40,8 @@
|
|||
middleware/wrap-formats)
|
||||
user-routes
|
||||
oauth-routes
|
||||
admin-routes
|
||||
(-> admin-routes
|
||||
middleware/wrap-restricted-admin)
|
||||
(route/not-found
|
||||
(:body
|
||||
(error-page {:status 404
|
||||
|
@ -50,4 +51,3 @@
|
|||
:start
|
||||
(-> app-routes
|
||||
middleware/wrap-base))
|
||||
|
||||
|
|
|
@ -65,10 +65,10 @@
|
|||
{:status 403
|
||||
:title (str "Access to " (:uri request) " is not authorised")}))
|
||||
|
||||
(defn wrap-restricted
|
||||
(defn wrap-restricted-admin
|
||||
"Example of how to wrap a route or handling in an authentication scheme"
|
||||
[handler]
|
||||
(restrict handler {:handler authenticated?
|
||||
(restrict handler {:handler admin-access
|
||||
:on-error on-auth-error}))
|
||||
|
||||
(defn wrap-auth
|
||||
|
|
Loading…
Reference in a new issue