fix: huertos admin permissions; improve: abstract auth guard
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>net.miarma.api</groupId>
|
||||
<artifactId>huertos</artifactId>
|
||||
<version>1.2.0</version>
|
||||
<version>1.2.1</version>
|
||||
|
||||
<properties>
|
||||
<maven.compiler.source>23</maven.compiler.source>
|
||||
@@ -20,7 +20,7 @@
|
||||
<dependency>
|
||||
<groupId>net.miarma.api</groupId>
|
||||
<artifactId>backlib</artifactId>
|
||||
<version>1.2.0</version>
|
||||
<version>1.2.1</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
||||
@@ -2,14 +2,19 @@ package net.miarma.api.microservices.huertos.routing.middlewares;
|
||||
|
||||
import java.util.function.Consumer;
|
||||
|
||||
import io.vertx.core.Handler;
|
||||
import io.vertx.ext.web.RoutingContext;
|
||||
import net.miarma.api.backlib.Constants.HuertosUserRole;
|
||||
import net.miarma.api.backlib.http.ApiStatus;
|
||||
import net.miarma.api.backlib.middlewares.AbstractAuthGuard;
|
||||
import net.miarma.api.backlib.security.JWTManager;
|
||||
import net.miarma.api.backlib.util.JsonUtil;
|
||||
import net.miarma.api.microservices.huertos.entities.MemberEntity;
|
||||
import net.miarma.api.microservices.huertos.services.MemberService;
|
||||
|
||||
public class HuertosAuthGuard extends AbstractAuthGuard<MemberEntity, HuertosUserRole> {
|
||||
private final MemberService memberService;
|
||||
|
||||
private final MemberService memberService;
|
||||
|
||||
public HuertosAuthGuard(MemberService memberService) {
|
||||
this.memberService = memberService;
|
||||
@@ -22,7 +27,7 @@ public class HuertosAuthGuard extends AbstractAuthGuard<MemberEntity, HuertosUse
|
||||
|
||||
@Override
|
||||
protected void getUserEntity(int userId, RoutingContext ctx, Consumer<MemberEntity> callback) {
|
||||
memberService.getById(userId).onComplete(ar -> {
|
||||
memberService.getById(userId).onComplete(ar -> {
|
||||
if (ar.succeeded()) callback.accept(ar.result());
|
||||
else callback.accept(null);
|
||||
});
|
||||
@@ -32,4 +37,39 @@ public class HuertosAuthGuard extends AbstractAuthGuard<MemberEntity, HuertosUse
|
||||
protected boolean hasPermission(MemberEntity user, HuertosUserRole role) {
|
||||
return user.getRole() == HuertosUserRole.ADMIN;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Handler<RoutingContext> check(HuertosUserRole... allowedRoles) {
|
||||
return ctx -> {
|
||||
String token = extractToken(ctx);
|
||||
if (token == null || !JWTManager.getInstance().isValid(token)) {
|
||||
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "Invalid or missing token");
|
||||
return;
|
||||
}
|
||||
|
||||
int userId = JWTManager.getInstance().extractUserId(token);
|
||||
|
||||
getUserEntity(userId, ctx, member -> {
|
||||
if (member == null) {
|
||||
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "User not found");
|
||||
return;
|
||||
}
|
||||
|
||||
HuertosUserRole role = HuertosUserRole.USER;
|
||||
if (member.getRole() != null) {
|
||||
role = member.getRole();
|
||||
}
|
||||
|
||||
ctx.put("userId", userId);
|
||||
ctx.put("role", role);
|
||||
ctx.put("userEntity", member);
|
||||
|
||||
if (allowedRoles.length == 0 || isRoleAllowed(role, allowedRoles)) {
|
||||
ctx.next();
|
||||
} else {
|
||||
JsonUtil.sendJson(ctx, ApiStatus.FORBIDDEN, "Forbidden");
|
||||
}
|
||||
});
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user