added method check owner result
This commit is contained in:
parent
8fb5c6992d
commit
f9f27a544e
2
go.mod
2
go.mod
@ -9,7 +9,7 @@ require (
|
||||
gitea.pena/PenaSide/hlog v0.0.0-20241125221102-a54c29c002a9
|
||||
gitea.pena/PenaSide/linters-golang v0.0.0-20241207122018-933207374735
|
||||
gitea.pena/PenaSide/trashlog v0.0.0-20250222101337-a43552caae6f
|
||||
gitea.pena/SQuiz/common v0.0.0-20250221135056-f98c45e04909
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422170643-069ed8e576cc
|
||||
github.com/caarlos0/env/v8 v8.0.0
|
||||
github.com/go-redis/redis/v8 v8.11.5
|
||||
github.com/gofiber/fiber/v2 v2.52.6
|
||||
|
||||
6
go.sum
6
go.sum
@ -9,6 +9,12 @@ gitea.pena/PenaSide/trashlog v0.0.0-20250222101337-a43552caae6f h1:KbZU49A8tGnqW
|
||||
gitea.pena/PenaSide/trashlog v0.0.0-20250222101337-a43552caae6f/go.mod h1:GRfWJerTUlgy82CiYAxE4tVYSVV54zEJJQy17Fx46E4=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250221135056-f98c45e04909 h1:iCiqaJ6a7rGESAEUgtVA9IqhVn0oKiwRk7bryTWPV5w=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250221135056-f98c45e04909/go.mod h1:rQRjqLlLyM71FZcvbM95Nv3ciq44F9DFtUHPZmDK3T8=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422134128-c053d99ffa60 h1:oewjuWkn7UoEHZy4hl0A5t4s/PRM/7uZ3OgoGJAwMVE=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422134128-c053d99ffa60/go.mod h1:/YR+uo4RouZshuHPkguk7nAJVKuFt3Z0mTFxUPdlzxQ=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422165756-2cc87ee518df h1:+PVdYOD2SZQp8MfZtHi+PfcLHax3yTwl6df3b5pk5Lg=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422165756-2cc87ee518df/go.mod h1:/YR+uo4RouZshuHPkguk7nAJVKuFt3Z0mTFxUPdlzxQ=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422170643-069ed8e576cc h1:HnmZlJxmQJQdF+2L4DEpKpJWNVOThe4qaouVEOALmY0=
|
||||
gitea.pena/SQuiz/common v0.0.0-20250422170643-069ed8e576cc/go.mod h1:/YR+uo4RouZshuHPkguk7nAJVKuFt3Z0mTFxUPdlzxQ=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/ClickHouse/clickhouse-go v1.5.4 h1:cKjXeYLNWVJIx2J1K6H2CqyRmfwVJVY1OV1coaaFcI0=
|
||||
github.com/ClickHouse/clickhouse-go v1.5.4/go.mod h1:EaI/sW7Azgz9UATzd5ZdZHRUhHgv5+JMS9NSr2smCJI=
|
||||
|
||||
@ -96,7 +96,7 @@ func (r *Result) DelResultByID(ctx *fiber.Ctx) error {
|
||||
return ctx.Status(fiber.StatusUnauthorized).SendString("could not get account ID from token")
|
||||
}
|
||||
|
||||
resultIDStr := ctx.Params("resultId")
|
||||
resultIDStr := ctx.Params("resultID")
|
||||
resultID, err := strconv.ParseUint(resultIDStr, 10, 64)
|
||||
if err != nil {
|
||||
return ctx.Status(fiber.StatusBadRequest).SendString("Invalid result ID format")
|
||||
|
||||
@ -4,7 +4,7 @@ import "github.com/gofiber/fiber/v2"
|
||||
|
||||
func (r *Result) Register(router fiber.Router) {
|
||||
router.Post("/results/getResults/:quizID", r.GetResultsByQuizID)
|
||||
router.Delete("/results/delete/:resultId", r.DelResultByID)
|
||||
router.Delete("/results/delete/:resultID", r.DelResultByID)
|
||||
router.Patch("/result/seen", r.SetStatus)
|
||||
router.Post("/results/:quizID/export", r.ExportResultsToCSV)
|
||||
router.Get("/result/:resultID", r.GetResultAnswers)
|
||||
|
||||
@ -52,21 +52,36 @@ func (o *OwnerShip) CheckQuiz(ctx *fiber.Ctx) (bool, error) {
|
||||
quizID = body.QuizID
|
||||
}
|
||||
|
||||
quiz, err := o.dal.QuizRepo.GetQuizById(ctx.Context(), accountId, quizID)
|
||||
isOwner, err := o.dal.QuizRepo.CheckQuizOwner(ctx.Context(), accountId, quizID)
|
||||
if err != nil {
|
||||
return false, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||
}
|
||||
|
||||
if quiz.AccountId != accountId {
|
||||
return false, fiber.NewError(fiber.StatusForbidden, "quiz does not belong to the account")
|
||||
}
|
||||
|
||||
return true, nil
|
||||
return isOwner, nil
|
||||
}
|
||||
|
||||
// имеем id результата и id аккаунта проверяем с помощью CheckResultOwner
|
||||
func (o *OwnerShip) CheckResult(ctx *fiber.Ctx) (bool, error) {
|
||||
return true, nil
|
||||
accountID, ok := middleware.GetAccountId(ctx)
|
||||
if !ok {
|
||||
return false, fiber.NewError(fiber.StatusUnauthorized, "account id is required")
|
||||
}
|
||||
|
||||
resultIDStr := ctx.Params("resultID")
|
||||
if resultIDStr == "" {
|
||||
return false, fiber.NewError(fiber.StatusBadRequest, "invalid resultID")
|
||||
}
|
||||
resultID, err := strconv.ParseUint(resultIDStr, 10, 64)
|
||||
if err != nil {
|
||||
return false, fiber.NewError(fiber.StatusBadRequest, "invalid result ID format")
|
||||
}
|
||||
|
||||
isOwner, err := o.dal.ResultRepo.CheckResultOwner(ctx.Context(), resultID, accountID)
|
||||
if err != nil {
|
||||
return false, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||
}
|
||||
|
||||
return isOwner, nil
|
||||
}
|
||||
|
||||
// имеем id вопроса и id аккаунта проверяем что квиз этого вопроса относится к аккаунту
|
||||
@ -91,9 +106,9 @@ var pathCheckMap = map[string]func(*OwnerShip, *fiber.Ctx) (bool, error){
|
||||
"POST /question/history": (*OwnerShip).CheckQuestion, // id
|
||||
"DELETE /question/delete": (*OwnerShip).CheckQuestion, // id
|
||||
|
||||
"GET /result/result/:resultID": (*OwnerShip).CheckResult, // resultID в роуте (id ответа)
|
||||
"POST /result/results/getResults/:quizID": (*OwnerShip).CheckQuiz, // quizID в роуте
|
||||
"POST /result/results/:quizID/export": (*OwnerShip).CheckQuiz, // quizID в роуте
|
||||
"GET /result/:resultID": (*OwnerShip).CheckResult, // resultID в роуте (id ответа)
|
||||
"POST /results/getResults/:quizID": (*OwnerShip).CheckQuiz, // quizID в роуте
|
||||
"POST /results/:quizID/export": (*OwnerShip).CheckQuiz, // quizID в роуте
|
||||
|
||||
// todo обсудить с Мишей
|
||||
"POST /statistic/:quizID/devices": (*OwnerShip).CheckStatistic,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user