Basic user access endpoint
This commit is contained in:
binwiederhier
parent
b131d676c4
commit
bd86e3d951
9 changed files with 95 additions and 23 deletions
|
|
@ -45,6 +45,7 @@ import (
|
|||
reset daily limits for users
|
||||
Account usage not updated "in real time"
|
||||
max token issue limit
|
||||
user db startup queries -> foreign keys
|
||||
Sync:
|
||||
- "mute" setting
|
||||
- figure out what settings are "web" or "phone"
|
||||
|
|
@ -101,6 +102,7 @@ var (
|
|||
accountPasswordPath = "/v1/account/password"
|
||||
accountSettingsPath = "/v1/account/settings"
|
||||
accountSubscriptionPath = "/v1/account/subscription"
|
||||
accountAccessPath = "/v1/account/access"
|
||||
accountSubscriptionSingleRegex = regexp.MustCompile(`^/v1/account/subscription/([-_A-Za-z0-9]{16})$`)
|
||||
matrixPushPath = "/_matrix/push/v1/notify"
|
||||
staticRegex = regexp.MustCompile(`^/static/.+`)
|
||||
|
|
@ -357,6 +359,8 @@ func (s *Server) handleInternal(w http.ResponseWriter, r *http.Request, v *visit
|
|||
return s.ensureUser(s.handleAccountSubscriptionChange)(w, r, v)
|
||||
} else if r.Method == http.MethodDelete && accountSubscriptionSingleRegex.MatchString(r.URL.Path) {
|
||||
return s.ensureUser(s.handleAccountSubscriptionDelete)(w, r, v)
|
||||
} else if r.Method == http.MethodPost && r.URL.Path == accountAccessPath {
|
||||
return s.ensureUser(s.handleAccountAccessAdd)(w, r, v)
|
||||
} else if r.Method == http.MethodGet && r.URL.Path == matrixPushPath {
|
||||
return s.handleMatrixDiscovery(w)
|
||||
} else if r.Method == http.MethodGet && staticRegex.MatchString(r.URL.Path) {
|
||||
|
|
|
|||
|
|
@ -307,3 +307,22 @@ func (s *Server) handleAccountSubscriptionDelete(w http.ResponseWriter, r *http.
|
|||
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *Server) handleAccountAccessAdd(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
||||
req, err := readJSONWithLimit[apiAccountAccessRequest](r.Body, jsonBodyBytesLimit)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !topicRegex.MatchString(req.Topic) {
|
||||
return errHTTPBadRequestTopicInvalid
|
||||
}
|
||||
if err := s.userManager.AllowAccess(v.user.Name, req.Topic, true, true); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.userManager.AllowAccess(user.Everyone, req.Topic, false, false); err != nil {
|
||||
return err
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -266,3 +266,8 @@ type apiAccountResponse struct {
|
|||
Limits *apiAccountLimits `json:"limits,omitempty"`
|
||||
Stats *apiAccountStats `json:"stats,omitempty"`
|
||||
}
|
||||
|
||||
type apiAccountAccessRequest struct {
|
||||
Topic string `json:"topic"`
|
||||
Access string `json:"access"`
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue