forked from
tangled.org/core
Mirror of @tangled.org/core. Running on a Raspberry Pi Zero 2 (Please be gentle).
rbac,knotserver: move `ThisServer` const to rbac pkg
Signed-off-by: oppiliappan <me@oppi.li>
authored by
oppiliappan
and committed by
Tangled
dee839bf
2a339ede
+14
-13
+3
-2
knotserver/ingester.go
+3
-2
knotserver/ingester.go
···
21
21
"tangled.sh/tangled.sh/core/knotserver/db"
22
22
"tangled.sh/tangled.sh/core/knotserver/git"
23
23
"tangled.sh/tangled.sh/core/log"
24
+
"tangled.sh/tangled.sh/core/rbac"
24
25
"tangled.sh/tangled.sh/core/workflow"
25
26
)
26
27
···
47
46
return fmt.Errorf("domain mismatch: %s != %s", record.Domain, h.c.Server.Hostname)
48
47
}
49
48
50
-
ok, err := h.e.E.Enforce(did, ThisServer, ThisServer, "server:invite")
49
+
ok, err := h.e.E.Enforce(did, rbac.ThisServer, rbac.ThisServer, "server:invite")
51
50
if err != nil || !ok {
52
51
l.Error("failed to add member", "did", did)
53
52
return fmt.Errorf("failed to enforce permissions: %w", err)
54
53
}
55
54
56
-
if err := h.e.AddKnotMember(ThisServer, record.Subject); err != nil {
55
+
if err := h.e.AddKnotMember(rbac.ThisServer, record.Subject); err != nil {
57
56
l.Error("failed to add member", "error", err)
58
57
return fmt.Errorf("failed to add member: %w", err)
59
58
}
+1
-1
knotserver/internal.go
+1
-1
knotserver/internal.go
+6
-5
knotserver/routes.go
+6
-5
knotserver/routes.go
···
29
29
"tangled.sh/tangled.sh/core/knotserver/db"
30
30
"tangled.sh/tangled.sh/core/knotserver/git"
31
31
"tangled.sh/tangled.sh/core/patchutil"
32
+
"tangled.sh/tangled.sh/core/rbac"
32
33
"tangled.sh/tangled.sh/core/types"
33
34
)
34
35
···
675
674
}
676
675
677
676
// add perms for this user to access the repo
678
-
err = h.e.AddRepo(did, ThisServer, relativeRepoPath)
677
+
err = h.e.AddRepo(did, rbac.ThisServer, relativeRepoPath)
679
678
if err != nil {
680
679
l.Error("adding repo permissions", "error", err.Error())
681
680
writeError(w, err.Error(), http.StatusInternalServerError)
···
893
892
}
894
893
895
894
// add perms for this user to access the repo
896
-
err = h.e.AddRepo(did, ThisServer, relativeRepoPath)
895
+
err = h.e.AddRepo(did, rbac.ThisServer, relativeRepoPath)
897
896
if err != nil {
898
897
l.Error("adding repo permissions", "error", err.Error())
899
898
writeError(w, err.Error(), http.StatusInternalServerError)
···
1147
1146
}
1148
1147
h.jc.AddDid(did)
1149
1148
1150
-
if err := h.e.AddKnotMember(ThisServer, did); err != nil {
1149
+
if err := h.e.AddKnotMember(rbac.ThisServer, did); err != nil {
1151
1150
l.Error("adding member", "error", err.Error())
1152
1151
writeError(w, err.Error(), http.StatusInternalServerError)
1153
1152
return
···
1185
1184
h.jc.AddDid(data.Did)
1186
1185
1187
1186
repoName, _ := securejoin.SecureJoin(ownerDid, repo)
1188
-
if err := h.e.AddCollaborator(data.Did, ThisServer, repoName); err != nil {
1187
+
if err := h.e.AddCollaborator(data.Did, rbac.ThisServer, repoName); err != nil {
1189
1188
l.Error("adding repo collaborator", "error", err.Error())
1190
1189
writeError(w, err.Error(), http.StatusInternalServerError)
1191
1190
return
···
1282
1281
}
1283
1282
h.jc.AddDid(data.Did)
1284
1283
1285
-
if err := h.e.AddKnotOwner(ThisServer, data.Did); err != nil {
1284
+
if err := h.e.AddKnotOwner(rbac.ThisServer, data.Did); err != nil {
1286
1285
l.Error("adding owner", "error", err.Error())
1287
1286
writeError(w, err.Error(), http.StatusInternalServerError)
1288
1287
return
-5
knotserver/util.go
-5
knotserver/util.go
···
8
8
"github.com/bluesky-social/indigo/atproto/syntax"
9
9
securejoin "github.com/cyphar/filepath-securejoin"
10
10
"github.com/go-chi/chi/v5"
11
-
"github.com/microcosm-cc/bluemonday"
12
11
)
13
-
14
-
func sanitize(content []byte) []byte {
15
-
return bluemonday.UGCPolicy().SanitizeBytes([]byte(content))
16
-
}
17
12
18
13
func didPath(r *http.Request) string {
19
14
did := chi.URLParam(r, "did")