boolean canCreate = await(user.rxIsAuthorised("create")); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); JsonArray permissions = new JsonArray(); if(canCreate)
boolean canCreate = await(user.rxIsAuthorised("create")); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); JsonArray permissions = new JsonArray(); if(canCreate)
@Path("/save") @POST public Single<Response> save(@FormParam("id") String id, @FormParam("title") String title, @FormParam("markdown") String markdown, @FormParam("newPage") String newPage){ return fiber((con) -> { boolean isNewPage = "yes".equals(newPage); String requiredPermission = isNewPage ? "create" : "update"; if(!await(user.rxIsAuthorised(requiredPermission))) throw new AuthorizationException("Not authorized"); String sql = isNewPage ? SQL.SQL_CREATE_PAGE : SQL.SQL_SAVE_PAGE; JsonArray params = new JsonArray(); if (isNewPage) { params.add(title).add(markdown); } else { params.add(markdown).add(id); } await(con.rxUpdateWithParams(sql, params)); URI location = Router.getURI(WikiResource::renderPage, title); return Response.seeOther(location).build(); }); }
@GET public Single<Template> index(){ return fiber(() -> { List<Pages> res = await(dao.findAll()); List<String> pages = res .stream() .map(page -> page.getName()) .sorted() .collect(Collectors.toList()); boolean canCreatePage = await(user.rxIsAuthorised("create")); return new Template("templates/index.ftl") .set("title", "Wiki home") .set("pages", pages) .set("canCreatePage", canCreatePage) .set("username", getUserName()) .set("backup_gist_url", flash.get("backup_gist_url")); }); }
@GET public Single<Template> index(){ return fiber((con) -> { ResultSet res = await(con.rxQuery(SQL.SQL_ALL_PAGES)); List<String> pages = res.getResults() .stream() .map(json -> json.getString(0)) .sorted() .collect(Collectors.toList()); boolean canCreatePage = await(user.rxIsAuthorised("create")); return new Template("templates/index.ftl") .set("title", "Wiki home") .set("pages", pages) .set("canCreatePage", canCreatePage) .set("username", getUserName()) .set("backup_gist_url", flash.get("backup_gist_url")); }); }
@Path("/save") @POST public Single<Response> save(@FormParam("id") String id, @FormParam("title") String title, @FormParam("markdown") String markdown, @FormParam("newPage") String newPage){ return fiber(() -> { boolean isNewPage = "yes".equals(newPage); String requiredPermission = isNewPage ? "create" : "update"; if(!await(user.rxIsAuthorised(requiredPermission))) throw new AuthorizationException("Not authorized"); io.reactivex.Single<Integer> query; if(isNewPage) query = dao.insert(new Pages().setName(title).setContent(markdown)); else query = dao.update(new Pages().setId(Integer.valueOf(id)).setContent(markdown).setName(title)); await(query); URI location = Router.getURI(WikiResource::renderPage, title); return Response.seeOther(location).build(); }); }
rawContent = res.get().getContent(); if(newPage && !await(user.rxIsAuthorised("create"))) throw new AuthorizationException("Not authorized"); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); return new Template("templates/page.ftl") .set("username", getUserName())
rawContent = row.getString(1); if(newPage && !await(user.rxIsAuthorised("create"))) throw new AuthorizationException("Not authorized"); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); return new Template("templates/page.ftl") .set("username", getUserName())
@Override public Single<Boolean> assertAuthorized(Annotation authzSpec) { if(authzSpec instanceof RequiresPermissions){ User user = getUser(); if(user == null) return Single.error(new AuthorizationException("User required")); Single<Boolean> ret = Single.just(true); for(String perm : ((RequiresPermissions) authzSpec).value()){ ret = user.rxIsAuthorised(perm).zipWith(ret, (a, b) -> a && b); } return ret; } return Single.just(true); } }
@Override public Single<Boolean> assertAuthorized(Annotation authzSpec) { if(authzSpec instanceof RequiresPermissions){ User user = getUser(); if(user == null) return Single.error(new AuthorizationException("User required")); Single<Boolean> ret = Single.just(true); for(String perm : ((RequiresPermissions) authzSpec).value()){ ret = user.rxIsAuthorised(perm).zipWith(ret, (a, b) -> a && b); } return ret; } return Single.just(true); } }