mirror of https://github.com/usbharu/Hideout.git
feat: 権限チェック等を追加
This commit is contained in:
parent
1a3fc05dad
commit
540fe0eaa5
|
@ -16,9 +16,9 @@
|
|||
|
||||
package dev.usbharu.hideout.mastodon.application.accounts
|
||||
|
||||
import dev.usbharu.hideout.core.application.shared.AbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.LocalUserAbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.Transaction
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.Principal
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.FromApi
|
||||
import dev.usbharu.hideout.mastodon.interfaces.api.generated.model.Account
|
||||
import dev.usbharu.hideout.mastodon.query.AccountQueryService
|
||||
import org.slf4j.LoggerFactory
|
||||
|
@ -26,11 +26,11 @@ import org.springframework.stereotype.Service
|
|||
|
||||
@Service
|
||||
class GetAccountApplicationService(private val accountQueryService: AccountQueryService, transaction: Transaction) :
|
||||
AbstractApplicationService<GetAccount, Account>(
|
||||
LocalUserAbstractApplicationService<GetAccount, Account>(
|
||||
transaction,
|
||||
logger
|
||||
) {
|
||||
override suspend fun internalExecute(command: GetAccount, principal: Principal): Account {
|
||||
override suspend fun internalExecute(command: GetAccount, principal: FromApi): Account {
|
||||
return accountQueryService.findById(command.accountId.toLong()) ?: throw Exception("Account not found")
|
||||
}
|
||||
|
||||
|
|
|
@ -16,26 +16,30 @@
|
|||
|
||||
package dev.usbharu.hideout.mastodon.application.filter
|
||||
|
||||
import dev.usbharu.hideout.core.application.shared.AbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.exception.PermissionDeniedException
|
||||
import dev.usbharu.hideout.core.application.shared.LocalUserAbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.Transaction
|
||||
import dev.usbharu.hideout.core.domain.model.filter.FilterKeywordId
|
||||
import dev.usbharu.hideout.core.domain.model.filter.FilterRepository
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.Principal
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.FromApi
|
||||
import org.slf4j.LoggerFactory
|
||||
import org.springframework.stereotype.Service
|
||||
|
||||
@Service
|
||||
class DeleteFilterV1ApplicationService(private val filterRepository: FilterRepository, transaction: Transaction) :
|
||||
AbstractApplicationService<DeleteFilterV1, Unit>(
|
||||
LocalUserAbstractApplicationService<DeleteFilterV1, Unit>(
|
||||
transaction, logger
|
||||
) {
|
||||
override suspend fun internalExecute(command: DeleteFilterV1, principal: FromApi) {
|
||||
val filter = filterRepository.findByFilterKeywordId(FilterKeywordId(command.filterKeywordId))
|
||||
?: throw IllegalArgumentException("Filter ${command.filterKeywordId} not found")
|
||||
if (principal.userDetailId != filter.userDetailId) {
|
||||
throw PermissionDeniedException()
|
||||
}
|
||||
filterRepository.delete(filter)
|
||||
}
|
||||
|
||||
companion object {
|
||||
private val logger = LoggerFactory.getLogger(DeleteFilterV1ApplicationService::class.java)
|
||||
}
|
||||
|
||||
override suspend fun internalExecute(command: DeleteFilterV1, principal: Principal) {
|
||||
val filter = filterRepository.findByFilterKeywordId(FilterKeywordId(command.filterKeywordId))
|
||||
?: throw Exception("Not Found")
|
||||
filterRepository.delete(filter)
|
||||
}
|
||||
}
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
package dev.usbharu.hideout.mastodon.application.filter
|
||||
|
||||
import dev.usbharu.hideout.core.application.exception.PermissionDeniedException
|
||||
import dev.usbharu.hideout.core.application.shared.AbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.Transaction
|
||||
import dev.usbharu.hideout.core.domain.model.filter.FilterContext.*
|
||||
|
@ -34,7 +35,11 @@ class GetFilterV1ApplicationService(private val filterRepository: FilterReposito
|
|||
) {
|
||||
override suspend fun internalExecute(command: GetFilterV1, principal: Principal): V1Filter {
|
||||
val filter = filterRepository.findByFilterKeywordId(FilterKeywordId(command.filterKeywordId))
|
||||
?: throw Exception("Not Found")
|
||||
?: throw IllegalArgumentException("Filter ${command.filterKeywordId} not found")
|
||||
|
||||
if (filter.userDetailId != principal.userDetailId) {
|
||||
throw PermissionDeniedException()
|
||||
}
|
||||
|
||||
val filterKeyword = filter.filterKeywords.find { it.id.id == command.filterKeywordId }
|
||||
return V1Filter(
|
||||
|
|
|
@ -16,9 +16,9 @@
|
|||
|
||||
package dev.usbharu.hideout.mastodon.application.status
|
||||
|
||||
import dev.usbharu.hideout.core.application.shared.AbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.LocalUserAbstractApplicationService
|
||||
import dev.usbharu.hideout.core.application.shared.Transaction
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.Principal
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.FromApi
|
||||
import dev.usbharu.hideout.mastodon.interfaces.api.generated.model.Status
|
||||
import dev.usbharu.hideout.mastodon.query.StatusQueryService
|
||||
import org.slf4j.LoggerFactory
|
||||
|
@ -28,7 +28,7 @@ import org.springframework.stereotype.Service
|
|||
class GetStatusApplicationService(
|
||||
private val statusQueryService: StatusQueryService,
|
||||
transaction: Transaction,
|
||||
) : AbstractApplicationService<GetStatus, Status>(
|
||||
) : LocalUserAbstractApplicationService<GetStatus, Status>(
|
||||
transaction,
|
||||
logger
|
||||
) {
|
||||
|
@ -36,7 +36,9 @@ class GetStatusApplicationService(
|
|||
val logger = LoggerFactory.getLogger(GetStatusApplicationService::class.java)!!
|
||||
}
|
||||
|
||||
override suspend fun internalExecute(command: GetStatus, principal: Principal): Status {
|
||||
return statusQueryService.findByPostId(command.id.toLong()) ?: throw Exception("Not fount")
|
||||
override suspend fun internalExecute(command: GetStatus, principal: FromApi): Status {
|
||||
return statusQueryService.findByPostId(command.id.toLong())
|
||||
?: throw IllegalArgumentException("Post ${command.id} not found.")
|
||||
|
||||
}
|
||||
}
|
|
@ -19,6 +19,7 @@ package dev.usbharu.hideout.mastodon.infrastructure.exposedquery
|
|||
import dev.usbharu.hideout.core.domain.model.emoji.CustomEmoji
|
||||
import dev.usbharu.hideout.core.domain.model.media.*
|
||||
import dev.usbharu.hideout.core.domain.model.post.Visibility
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.Principal
|
||||
import dev.usbharu.hideout.core.infrastructure.exposedrepository.*
|
||||
import dev.usbharu.hideout.mastodon.interfaces.api.generated.model.Account
|
||||
import dev.usbharu.hideout.mastodon.interfaces.api.generated.model.MediaAttachment
|
||||
|
@ -117,7 +118,7 @@ class StatusQueryServiceImpl : StatusQueryService {
|
|||
return statuses
|
||||
}
|
||||
|
||||
override suspend fun findByPostId(id: Long): Status? {
|
||||
override suspend fun findByPostId(id: Long, principal: Principal?): Status? {
|
||||
val map = Posts
|
||||
.leftJoin(PostsMedia)
|
||||
.leftJoin(Actors)
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
package dev.usbharu.hideout.mastodon.query
|
||||
|
||||
import dev.usbharu.hideout.core.domain.model.support.principal.Principal
|
||||
import dev.usbharu.hideout.mastodon.interfaces.api.generated.model.Status
|
||||
|
||||
interface StatusQueryService {
|
||||
|
@ -33,7 +34,7 @@ interface StatusQueryService {
|
|||
includeFollowers: Boolean = false,
|
||||
): List<Status>
|
||||
|
||||
suspend fun findByPostId(id: Long): Status?
|
||||
suspend fun findByPostId(id: Long, principal: Principal? = null): Status?
|
||||
}
|
||||
|
||||
data class StatusQuery(
|
||||
|
|
Loading…
Reference in New Issue