mirror of
https://github.com/penpot/penpot.git
synced 2025-05-10 03:06:38 +02:00
🐸 integration with backend data
This commit is contained in:
alonso.torres
parent
4102dca55c
commit
57d633b1d2
17 changed files with 301 additions and 116 deletions
|
|
@ -50,7 +50,7 @@
|
|||
(sq/defquery ::color-libraries
|
||||
[{:keys [profile-id team-id]}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(teams/check-edition-permissions! conn profile-id team-id)
|
||||
(teams/check-read-permissions! conn profile-id team-id)
|
||||
(db/query conn [sql:libraries team-id])))
|
||||
|
||||
|
||||
|
|
@ -66,7 +66,7 @@
|
|||
[{:keys [profile-id id]}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
lib)))
|
||||
|
||||
(def ^:private sql:single-library
|
||||
|
|
@ -94,7 +94,7 @@
|
|||
[{:keys [profile-id library-id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn library-id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
(retrieve-colors conn library-id))))
|
||||
|
||||
(def ^:private sql:colors
|
||||
|
|
@ -123,7 +123,7 @@
|
|||
[{:keys [profile-id id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [color (retrieve-color conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id color))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id color))
|
||||
color)))
|
||||
|
||||
(def ^:private sql:single-color
|
||||
|
|
|
|||
|
|
@ -56,8 +56,10 @@
|
|||
|
||||
(sq/defquery ::icon-libraries
|
||||
[{:keys [profile-id team-id]}]
|
||||
(println profile-id)
|
||||
(println team-id)
|
||||
(db/with-atomic [conn db/pool]
|
||||
(teams/check-edition-permissions! conn profile-id team-id)
|
||||
(teams/check-read-permissions! conn profile-id team-id)
|
||||
(db/query conn [sql:libraries team-id])))
|
||||
|
||||
|
||||
|
|
@ -73,7 +75,7 @@
|
|||
[{:keys [profile-id id]}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
lib)))
|
||||
|
||||
(def ^:private sql:single-library
|
||||
|
|
@ -101,7 +103,7 @@
|
|||
[{:keys [profile-id library-id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn library-id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
(-> (retrieve-icons conn library-id)
|
||||
(p/then' (fn [rows] (mapv decode-row rows)))))))
|
||||
|
||||
|
|
@ -131,7 +133,7 @@
|
|||
[{:keys [profile-id id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [icon (retrieve-icon conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id icon))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id icon))
|
||||
(decode-row icon))))
|
||||
|
||||
(def ^:private sql:single-icon
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@
|
|||
(sq/defquery ::image-libraries
|
||||
[{:keys [profile-id team-id]}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(teams/check-edition-permissions! conn profile-id team-id)
|
||||
(teams/check-read-permissions! conn profile-id team-id)
|
||||
(db/query conn [sql:libraries team-id])))
|
||||
|
||||
|
||||
|
|
@ -55,7 +55,7 @@
|
|||
[{:keys [profile-id id]}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
lib)))
|
||||
|
||||
(def ^:private sql:single-library
|
||||
|
|
@ -86,7 +86,7 @@
|
|||
[{:keys [profile-id library-id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [lib (retrieve-library conn library-id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id lib))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id lib))
|
||||
(-> (retrieve-images conn library-id)
|
||||
(p/then' (fn [rows]
|
||||
(->> rows
|
||||
|
|
@ -120,7 +120,7 @@
|
|||
[{:keys [profile-id id] :as params}]
|
||||
(db/with-atomic [conn db/pool]
|
||||
(p/let [img (retrieve-image conn id)]
|
||||
(teams/check-edition-permissions! conn profile-id (:team-id img))
|
||||
(teams/check-read-permissions! conn profile-id (:team-id img))
|
||||
(-> img
|
||||
(images/resolve-urls :path :uri)
|
||||
(images/resolve-urls :thumb-path :thumb-uri)))))
|
||||
|
|
|
|||
|
|
@ -47,16 +47,37 @@
|
|||
where team_id = $2
|
||||
order by modified_at desc")
|
||||
|
||||
(def ^:private sql:project-by-id
|
||||
"select p.*
|
||||
from project as p
|
||||
inner join project_profile_rel as ppr on (ppr.project_id = p.id)
|
||||
where ppr.profile_id = $1
|
||||
and p.id = $2
|
||||
and p.deleted_at is null
|
||||
and (ppr.is_admin = true or
|
||||
ppr.is_owner = true or
|
||||
ppr.can_edit = true)")
|
||||
|
||||
(s/def ::team-id ::us/uuid)
|
||||
(s/def ::profile-id ::us/uuid)
|
||||
(s/def ::project-id ::us/uuid)
|
||||
|
||||
(s/def ::projects-by-team
|
||||
(s/keys :req-un [::profile-id ::team-id]))
|
||||
|
||||
(s/def ::project-by-id
|
||||
(s/keys :req-un [::profile-id ::project-id]))
|
||||
|
||||
(defn projects-by-team [profile-id team-id]
|
||||
(db/query db/pool [sql:projects profile-id team-id]))
|
||||
|
||||
(defn project-by-id [profile-id project-id]
|
||||
(db/query-one db/pool [sql:project-by-id profile-id project-id]))
|
||||
|
||||
(sq/defquery ::projects-by-team
|
||||
[{:keys [profile-id team-id]}]
|
||||
(projects-by-team profile-id team-id))
|
||||
|
||||
(sq/defquery ::project-by-id
|
||||
[{:keys [profile-id project-id]}]
|
||||
(project-by-id profile-id project-id))
|
||||
|
|
|
|||
|
|
@ -40,5 +40,14 @@
|
|||
(ex/raise :type :validation
|
||||
:code :not-authorized))))))
|
||||
|
||||
|
||||
|
||||
(defn check-read-permissions!
|
||||
[conn profile-id team-id]
|
||||
(-> (db/query-one conn [sql:team-permissions profile-id team-id])
|
||||
(p/then' (fn [row]
|
||||
(when-not (or (:can-edit row)
|
||||
(:is-admin row)
|
||||
(:is-owner row)
|
||||
;; We can read global-project owned items
|
||||
(= team-id #uuid "00000000-0000-0000-0000-000000000000"))
|
||||
(ex/raise :type :validation
|
||||
:code :not-authorized))))))
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue