Merge branch 'deny-dupped-relations' into 'master'
add auth to user and relation adding See merge request ZeusWPI/cat!5
This commit is contained in:
commit
6351e4ac79
2 changed files with 5 additions and 5 deletions
|
@ -19,7 +19,7 @@
|
||||||
(GET "/" req (show-home req))
|
(GET "/" req (show-home req))
|
||||||
(GET "/relations_zeroed" [] (show-relations)))
|
(GET "/relations_zeroed" [] (show-relations)))
|
||||||
|
|
||||||
(defroutes user-routes
|
(defroutes user-routes ;; These are protect inside their respective functions
|
||||||
(POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected)
|
(POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected)
|
||||||
(POST "/request_relation" req (create-relation-request req)))
|
(POST "/request_relation" req (create-relation-request req)))
|
||||||
|
|
||||||
|
@ -40,7 +40,8 @@
|
||||||
middleware/wrap-formats)
|
middleware/wrap-formats)
|
||||||
user-routes
|
user-routes
|
||||||
oauth-routes
|
oauth-routes
|
||||||
admin-routes
|
(-> admin-routes
|
||||||
|
middleware/wrap-restricted-admin)
|
||||||
(route/not-found
|
(route/not-found
|
||||||
(:body
|
(:body
|
||||||
(error-page {:status 404
|
(error-page {:status 404
|
||||||
|
@ -50,4 +51,3 @@
|
||||||
:start
|
:start
|
||||||
(-> app-routes
|
(-> app-routes
|
||||||
middleware/wrap-base))
|
middleware/wrap-base))
|
||||||
|
|
||||||
|
|
|
@ -65,10 +65,10 @@
|
||||||
{:status 403
|
{:status 403
|
||||||
:title (str "Access to " (:uri request) " is not authorised")}))
|
:title (str "Access to " (:uri request) " is not authorised")}))
|
||||||
|
|
||||||
(defn wrap-restricted
|
(defn wrap-restricted-admin
|
||||||
"Example of how to wrap a route or handling in an authentication scheme"
|
"Example of how to wrap a route or handling in an authentication scheme"
|
||||||
[handler]
|
[handler]
|
||||||
(restrict handler {:handler authenticated?
|
(restrict handler {:handler admin-access
|
||||||
:on-error on-auth-error}))
|
:on-error on-auth-error}))
|
||||||
|
|
||||||
(defn wrap-auth
|
(defn wrap-auth
|
||||||
|
|
Loading…
Reference in a new issue