chore: change to use enforce action instead

2024-10-28 14:36:41 +08:00 · 2024-10-28 14:36:41 +08:00 · ca33dfb304
parent f701abd2a7
commit ca33dfb304
3 changed files with 9 additions and 47 deletions
--- a/src/api/workspace.rs
+++ b/src/api/workspace.rs
@ -1151,7 +1151,6 @@ async fn put_workspace_default_published_view_handler(
  let new_default_pub_view_id = payload.into_inner().view_id;
  biz::workspace::publish::set_workspace_default_publish_view(
    &state.pg_pool,
-    &user_uuid,
    &workspace_id,
    &new_default_pub_view_id,
  )
@ -1167,14 +1166,10 @@ async fn delete_workspace_default_published_view_handler(
  let uid = state.user_cache.get_user_uid(&user_uuid).await?;
  state
    .workspace_access_control
-    .enforce_action(&uid, &workspace_id.to_string(), Action::Write)
+    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
+    .await?;
+  biz::workspace::publish::unset_workspace_default_publish_view(&state.pg_pool, &workspace_id)
    .await?;
-  biz::workspace::publish::unset_workspace_default_publish_view(
-    &state.pg_pool,
-    &user_uuid,
-    &workspace_id,
-  )
-  .await?;
  Ok(Json(AppResponse::Ok()))
 }

@ -1199,16 +1194,11 @@ async fn put_publish_namespace_handler(
  let uid = state.user_cache.get_user_uid(&user_uuid).await?;
  state
    .workspace_access_control
-    .enforce_action(&uid, &workspace_id.to_string(), Action::Write)
+    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
  let new_namespace = payload.into_inner().new_namespace;
-  biz::workspace::publish::set_workspace_namespace(
-    &state.pg_pool,
-    &user_uuid,
-    &workspace_id,
-    &new_namespace,
-  )
-  .await?;
+  biz::workspace::publish::set_workspace_namespace(&state.pg_pool, &workspace_id, &new_namespace)
+    .await?;
  Ok(Json(AppResponse::Ok()))
 }

@ -1568,14 +1558,10 @@ async fn get_workspace_usage_handler(
  let uid = state.user_cache.get_user_uid(&user_uuid).await?;
  state
    .workspace_access_control
-    .enforce_action(&uid, &workspace_id.to_string(), Action::Read)
+    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
-  let res = biz::workspace::ops::get_workspace_document_total_bytes(
-    &state.pg_pool,
-    &user_uuid,
-    &workspace_id,
-  )
-  .await?;
+  let res =
+    biz::workspace::ops::get_workspace_document_total_bytes(&state.pg_pool, &workspace_id).await?;
  Ok(Json(AppResponse::Ok().with_data(res)))
 }

--- a/src/biz/workspace/ops.rs
+++ b/src/biz/workspace/ops.rs
@ -604,11 +604,8 @@ pub async fn update_workspace_member(

 pub async fn get_workspace_document_total_bytes(
  pg_pool: &PgPool,
-  user_uuid: &Uuid,
  workspace_id: &Uuid,
 ) -> Result<WorkspaceUsage, AppError> {
-  check_workspace_owner(pg_pool, user_uuid, workspace_id).await?;
-
  let byte_count = select_workspace_total_collab_bytes(pg_pool, workspace_id).await?;
  Ok(WorkspaceUsage {
    total_document_size: byte_count,
@ -646,19 +643,6 @@ pub async fn update_workspace_settings(
  Ok(setting)
 }

-pub async fn check_workspace_owner(
-  pg_pool: &PgPool,
-  user_uuid: &Uuid,
-  workspace_id: &Uuid,
-) -> Result<(), AppError> {
-  match select_user_is_workspace_owner(pg_pool, user_uuid, workspace_id).await? {
-    true => Ok(()),
-    false => Err(AppError::UserUnAuthorized(
-      "User is not the owner of the workspace".to_string(),
-    )),
-  }
-}
-
 async fn check_if_user_is_allowed_to_delete_comment(
  pg_pool: &PgPool,
  user_uuid: &Uuid,
--- a/src/biz/workspace/publish.rs
+++ b/src/biz/workspace/publish.rs
@ -39,8 +39,6 @@ use crate::{
  biz::collab::{folder_view::to_dto_folder_view_miminal, ops::get_latest_collab_folder},
 };

-use super::ops::check_workspace_owner;
-
 async fn check_workspace_owner_or_publisher(
  pg_pool: &PgPool,
  user_uuid: &Uuid,
@ -87,11 +85,9 @@ fn get_collab_s3_key(workspace_id: &Uuid, view_id: &Uuid) -> String {

 pub async fn set_workspace_namespace(
  pg_pool: &PgPool,
-  user_uuid: &Uuid,
  workspace_id: &Uuid,
  new_namespace: &str,
 ) -> Result<(), AppError> {
-  check_workspace_owner(pg_pool, user_uuid, workspace_id).await?;
  check_workspace_namespace(new_namespace).await?;
  if select_workspace_publish_namespace_exists(pg_pool, workspace_id, new_namespace).await? {
    return Err(AppError::PublishNamespaceAlreadyTaken(
@ -104,21 +100,17 @@ pub async fn set_workspace_namespace(

 pub async fn set_workspace_default_publish_view(
  pg_pool: &PgPool,
-  user_uuid: &Uuid,
  workspace_id: &Uuid,
  new_view_id: &Uuid,
 ) -> Result<(), AppError> {
-  check_workspace_owner(pg_pool, user_uuid, workspace_id).await?;
  update_workspace_default_publish_view(pg_pool, workspace_id, new_view_id).await?;
  Ok(())
 }

 pub async fn unset_workspace_default_publish_view(
  pg_pool: &PgPool,
-  user_uuid: &Uuid,
  workspace_id: &Uuid,
 ) -> Result<(), AppError> {
-  check_workspace_owner(pg_pool, user_uuid, workspace_id).await?;
  update_workspace_default_publish_view_set_null(pg_pool, workspace_id).await?;
  Ok(())
 }