Merge branch 'deny-dupped-relations' into 'master'

add auth to user and relation adding

See merge request ZeusWPI/cat!5
This commit is contained in:
flynn 2019-06-09 23:43:58 +02:00
commit 6351e4ac79
2 changed files with 5 additions and 5 deletions

View file

@ -19,7 +19,7 @@
(GET "/" req (show-home req)) (GET "/" req (show-home req))
(GET "/relations_zeroed" [] (show-relations))) (GET "/relations_zeroed" [] (show-relations)))
(defroutes user-routes (defroutes user-routes ;; These are protect inside their respective functions
(POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected) (POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected)
(POST "/request_relation" req (create-relation-request req))) (POST "/request_relation" req (create-relation-request req)))
@ -40,7 +40,8 @@
middleware/wrap-formats) middleware/wrap-formats)
user-routes user-routes
oauth-routes oauth-routes
admin-routes (-> admin-routes
middleware/wrap-restricted-admin)
(route/not-found (route/not-found
(:body (:body
(error-page {:status 404 (error-page {:status 404
@ -50,4 +51,3 @@
:start :start
(-> app-routes (-> app-routes
middleware/wrap-base)) middleware/wrap-base))

View file

@ -65,10 +65,10 @@
{:status 403 {:status 403
:title (str "Access to " (:uri request) " is not authorised")})) :title (str "Access to " (:uri request) " is not authorised")}))
(defn wrap-restricted (defn wrap-restricted-admin
"Example of how to wrap a route or handling in an authentication scheme" "Example of how to wrap a route or handling in an authentication scheme"
[handler] [handler]
(restrict handler {:handler authenticated? (restrict handler {:handler admin-access
:on-error on-auth-error})) :on-error on-auth-error}))
(defn wrap-auth (defn wrap-auth