hub / github.com/writefreely/writefreely / processCollectionPermissions

Function processCollectionPermissions

collections.go:725–825  ·  view source on GitHub ↗

processCollectionPermissions checks the permissions for the given collectionReq, returning a Collection if access is granted; otherwise this renders any necessary collection pages, for example, if requesting a custom domain that doesn't yet have a collection associated, or if a collection requires a password. In either case, this will return nil, nil, so both return values should always be checked to determine whether or not to continue.

(app *App, cr *collectionReq, u *User, w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

723// requires a password. In either case, this will return nil, nil -- thus both
724// values should ALWAYS be checked to determine whether or not to continue.
725func processCollectionPermissions(app *App, cr *collectionReq, u *User, w http.ResponseWriter, r *http.Request) (*Collection, error) {
726 // Display collection if this is a collection
727 var c *Collection
728 var err error
729 if app.cfg.App.SingleUser {
730 c, err = app.db.GetCollectionByID(1)
731 } else {
732 c, err = app.db.GetCollection(cr.alias)
733 }
734 // TODO: verify we don't reveal the existence of a private collection with redirection
735 if err != nil {
736 if err, ok := err.(impart.HTTPError); ok {
737 if err.Status == http.StatusNotFound {
738 if cr.isCustomDomain {
739 // User is on the site from a custom domain
740 //tErr := pages["404-domain.tmpl"].ExecuteTemplate(w, "base", pageForHost(page.StaticPage{}, r))
741 //if tErr != nil {
742 //log.Error("Unable to render 404-domain page: %v", err)
743 //}
744 return nil, nil
745 }
746 if len(cr.alias) >= minIDLen && len(cr.alias) <= maxIDLen {
747 // Alias is within post ID range, so just be sure this isn't a post
748 if app.db.PostIDExists(cr.alias) {
749 // TODO: use StatusFound for vanity post URLs when we implement them
750 return nil, impart.HTTPError{http.StatusMovedPermanently, "/" + cr.alias}
751 }
752 }
753 // Redirect if necessary
754 newAlias := app.db.GetCollectionRedirect(cr.alias)
755 if newAlias != "" {
756 return nil, impart.HTTPError{http.StatusFound, "/" + newAlias + "/"}
757 }
758 }
759 }
760 return nil, err
761 }
762 c.hostName = app.cfg.App.Host
763
764 // Update CollectionRequest to reflect owner status
765 cr.isCollOwner = u != nil && u.ID == c.OwnerID
766
767 // Check permissions
768 if !cr.isCollOwner {
769 if c.IsPrivate() {
770 return nil, ErrCollectionNotFound
771 } else if c.IsProtected() {
772 uname := ""
773 if u != nil {
774 uname = u.Username
775 }
776
777 // TODO: move this to all permission checks?
778 suspended, err := app.db.IsUserSilenced(c.OwnerID)
779 if err != nil {
780 log.Error("process protected collection permissions: %v", err)
781 return nil, err
782 }

Callers 3

handleViewCollectionFunction · 0.85
handleViewCollectionTagFunction · 0.85
handleViewCollectionLangFunction · 0.85

Calls 11

IsPrivateMethod · 0.95
IsProtectedMethod · 0.95
pageForReqFunction · 0.85
getSessionFlashesFunction · 0.85
IsUserSilencedMethod · 0.80
GetCollectionByIDMethod · 0.65
GetCollectionMethod · 0.65
PostIDExistsMethod · 0.65
GetCollectionRedirectMethod · 0.65
GetUserByIDMethod · 0.65

Tested by

no test coverage detected