Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Apply read-only-validator.ts #7639

Merged

Conversation

jam411
Copy link
Contributor

@jam411 jam411 commented May 11, 2023

task: https://redmine.weseek.co.jp/issues/121339

  • バリデーション middleware とテストを作成
  • 必要なルートにアプライ

Screenshot

console warning

image

toastr

image

Comment on lines 12 to 17
if (user.readOnly) {
const message = 'This user is read only user';
logger.warn(message);

return res.apiv3Err(new ErrorV3(message, 'validatioin_failed'));
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readOnly フラグが true ならば apiv3Err() でエラーを返すようにしました。

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

名前を excludeReadOnlyUser に変えてください

@yuki-takei
Copy link
Member

apiv1 全般カバーが必要だと思う

Comment on lines 12 to 17
if (user.readOnly) {
const message = 'This user is read only user';
logger.warn(message);

return res.apiv3Err(new ErrorV3(message, 'validatioin_failed'));
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

名前を excludeReadOnlyUser に変えてください

@@ -575,35 +576,36 @@ module.exports = (crowi) => {
}
});

router.post('/resume-rename', accessTokenParser, loginRequiredStrictly, validator.resumeRenamePage, apiV3FormValidator, async(req, res) => {
router.post('/resume-rename', accessTokenParser, loginRequiredStrictly, readOnlyValidator, validator.resumeRenamePage, apiV3FormValidator,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

resume はできてもいいね

export const excludeReadOnlyUser = (req: Request, res: Response & { apiv3Err }, next: () => NextFunction): NextFunction => {
const user = req.user;

if (user.readOnly) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

user が null の場合を一応カバーしておきたい。カバーしていない場合、暗黙的に loginRequiredStrictly の後に実行される必要があるという制約ができてしまうので。

user が null の場合は、logger.warn でその旨を出した上で通過させてよい。

@jam411 jam411 merged commit 30db34d into feat/120698-read-only-user May 13, 2023
@jam411 jam411 deleted the feat/120699-121339-create-validator branch May 13, 2023 13:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants