Merge branch 'master' of gitlab.cip.ifi.lmu.de:jost/UniWorX

2018-06-08 09:19:11 +02:00 · 2018-06-08 09:19:11 +02:00 · 64af1b155e
commit 64af1b155e
parent c46d6e8545 ae64b10d5c
3 changed files with 16 additions and 2 deletions
--- a/messages/de.msg
+++ b/messages/de.msg
@ -37,6 +37,7 @@ UnauthorizedSubmissionCorrector: Sie sind nicht der Korrektor für diese Abgabe.
 OnlyUploadOneFile: Bitte nur eine Datei hochladen.
 DeprecatedRoute: Diese Ansicht ist obsolet und könnte in Zukunft entfallen.
 UnfreeMaterials: Die Materialien für diese Veranstaltung sind nicht allgemein freigegeben.
+UnauthorizedWrite: Sie haben hierfür keine Schreibberechtigung

 SubmissionWrongSheet: Abgabenummer gehört nicht zum angegebenen Übungsblatt.
 SubmissionAlreadyExists: Sie haben bereits eine Abgabe zu diesem Übungsblatt.
--- a/2
+++ b/2
@ -18,6 +18,8 @@
 --
 --    !materials  -- only if course allows all materials to be free (no meaning outside of courses)
 --    !time       -- access depends on time somehow
+--    !isRead     -- only if it is read-only access (i.e. GET but not POST)
+--    !isWrite    -- only if it is write access     (i.e. POST only) why needed???
 --
 --    !deprecated -- like free, but logs and gives a warning
 --
--- a/src/Foundation.hs
+++ b/src/Foundation.hs
@ -269,9 +269,9 @@ knownTags = -- should not throw exceptions, i.e. no getBy404 or requireAuthId
         cTime <- liftIO getCurrentTime
         case subRoute of
           SFileR SheetExercise _ -> guard $ maybe False (<= cTime) sheetVisibleFrom
-           SFileR SheetHint _ -> guard $ maybe False (<= cTime) sheetHintFrom
+           SFileR SheetHint     _ -> guard $ maybe False (<= cTime) sheetHintFrom
           SFileR SheetSolution _ -> guard $ maybe False (<= cTime) sheetSolutionFrom
-           SFileR SheetMarking _ -> mzero -- only for correctors and lecturers
+           SFileR SheetMarking  _ -> mzero -- only for correctors and lecturers
           SubmissionNewR -> guard $ sheetActiveFrom <= cTime && cTime <= sheetActiveTo
           _ -> guard $ maybe False (<= cTime) sheetVisibleFrom
         return Authorized
@ -314,6 +314,17 @@ knownTags = -- should not throw exceptions, i.e. no getBy404 or requireAuthId
         $logErrorS "AccessControl" $ "'!owner' used on route that doesn't support it: " <> tshow r
         unauthorizedI MsgUnauthorized
   )
+  ,("isRead",  APHandler $ \route ->
+      bool  <$> return Authorized
+            <*> unauthorizedI MsgUnauthorizedWrite
+            <*> isWriteRequest route
+   )
+  ,("isWrite", APHandler $ \route -> do
+      write <- isWriteRequest route
+      if write
+        then return Authorized
+        else unauthorizedI MsgUnauthorized
+   )
  ]