This commit is contained in:
Christoph Kluge 2023-06-20 13:16:04 +02:00
commit fc33bfb47b
4 changed files with 16 additions and 9 deletions

View File

@ -4,7 +4,7 @@ before:
- go mod tidy
builds:
- env:
- CGO_ENABLED=0
- CGO_ENABLED=1
goos:
- linux
- darwin
@ -12,7 +12,6 @@ builds:
- amd64
- arm64
goamd64:
- v2
- v3
goarm:
- "7"
@ -20,6 +19,11 @@ builds:
main: ./cmd/cc-backend
tags:
- static_build
hooks:
pre: make frontend
ignore:
- goos: linux
goarch: arm64
archives:
- format: tar.gz

View File

@ -28,7 +28,7 @@ SVELTE_SRC = $(wildcard $(FRONTEND)/src/*.svelte) \
$(wildcard $(FRONTEND)/src/plots/*.svelte) \
$(wildcard $(FRONTEND)/src/joblist/*.svelte)
.PHONY: clean test tags $(TARGET)
.PHONY: clean test tags frontend $(TARGET)
.NOTPARALLEL:
@ -36,6 +36,10 @@ $(TARGET): $(VAR) $(CFG) $(SVELTE_TARGETS)
$(info ===> BUILD cc-backend)
@go build -ldflags=${LD_FLAGS} ./cmd/cc-backend
frontend:
$(info ===> BUILD frontend)
cd web/frontend && npm install && npm run build
clean:
$(info ===> CLEAN)
@go clean

View File

@ -192,6 +192,7 @@ func decode(r io.Reader, val interface{}) error {
// @security ApiKeyAuth
// @router /jobs/ [get]
func (api *RestApi) getJobs(rw http.ResponseWriter, r *http.Request) {
if user := auth.GetUser(r.Context()); user != nil && !user.HasRole(auth.RoleApi) {
handleError(fmt.Errorf("missing role: %v", auth.GetRoleString(auth.RoleApi)), http.StatusForbidden, rw)
return

View File

@ -81,8 +81,7 @@ func (r *JobRepository) testQueryJobs(
page *model.PageRequest,
order *model.OrderByInput) ([]*schema.Job, error) {
return r.queryJobs(sq.Select(jobColumns...).From("job"),
filters, page, order)
return r.queryJobs(sq.Select(jobColumns...).From("job"), filters, page, order)
}
// Public function with added securityCheck, calls private queryJobs function above
@ -98,8 +97,7 @@ func (r *JobRepository) QueryJobs(
return nil, qerr
}
return r.queryJobs(query,
filters, page, order)
return r.queryJobs(query, filters, page, order)
}
// SecurityCheck-less, private: returns a list of minimal job information (DB-ID and jobId) of shared jobs for link-building based the provided filters.
@ -202,12 +200,12 @@ func (r *JobRepository) CountJobs(
return r.countJobs(query, filters)
}
func SecurityCheck(ctx context.Context, query sq.SelectBuilder) (queryOut sq.SelectBuilder, err error) {
func SecurityCheck(ctx context.Context, query sq.SelectBuilder) (sq.SelectBuilder, error) {
user := auth.GetUser(ctx)
if user == nil {
var qnil sq.SelectBuilder
return qnil, fmt.Errorf("user context is nil!")
} else if user.HasAnyRole([]auth.Role{auth.RoleAdmin, auth.RoleSupport}) { // Admin & Co. : All jobs
} else if user.HasAnyRole([]auth.Role{auth.RoleAdmin, auth.RoleSupport, auth.RoleApi}) { // Admin & Co. : All jobs
return query, nil
} else if user.HasRole(auth.RoleManager) { // Manager : Add filter for managed projects' jobs only + personal jobs
if len(user.Projects) != 0 {