rbac,knotserver: move ThisServer const to rbac pkg #347

merged
opened by oppi.li targeting master from push-nozqtwvsrvkx
Changed files
+14 -13
+3 -2
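--- a/knotserver/ingester.go
+++ b/knotserver/ingester.go
@@ -21,6 +21,7 @@
 "tangled.sh/tangled.sh/core/knotserver/db"
 "tangled.sh/tangled.sh/core/knotserver/git"
 "tangled.sh/tangled.sh/core/log"
+"tangled.sh/tangled.sh/core/rbac"
 "tangled.sh/tangled.sh/core/workflow"
 )
 
@@ -46,13 +47,13 @@
 return fmt.Errorf("domain mismatch: %s != %s", record.Domain, h.c.Server.Hostname)
 }
 
-ok, err := h.e.E.Enforce(did, ThisServer, ThisServer, "server:invite")
+ok, err := h.e.E.Enforce(did, rbac.ThisServer, rbac.ThisServer, "server:invite")
 if err != nil || !ok {
 l.Error("failed to add member", "did", did)
 return fmt.Errorf("failed to enforce permissions: %w", err)
 }
 
-if err := h.e.AddKnotMember(ThisServer, record.Subject); err != nil {
+if err := h.e.AddKnotMember(rbac.ThisServer, record.Subject); err != nil {
 l.Error("failed to add member", "error", err)
 return fmt.Errorf("failed to add member: %w", err)
 }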
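Review bot: The `if err != nil || !ok` branch right after the `Enforce(did, rbac.ThisServer, rbac.ThisServer, "server:invite")` call handles a policy denial and an enforcer failure identically, and on a plain denial `err` is nil, so `fmt.Errorf("failed to enforce permissions: %w", err)` wraps a nil error and renders as `%!w(<nil>)`. The log line there also reads "failed to add member" before any add has been attempted, which makes a rejected invite hard to tell apart from a storage error in an audit trail. I would split the branch: `if err != nil { return fmt.Errorf("failed to enforce permissions: %w", err) }` followed by `if !ok { return fmt.Errorf("%s is not permitted to invite members", did) }`, each with its own log message. The enclosing function starts and ends outside this hunk.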
+1 -1
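--- a/knotserver/internal.go
+++ b/knotserver/internal.go
@@ -38,7 +38,7 @@
 return
 }
 
-ok, err := h.e.IsPushAllowed(user, ThisServer, repo)
+ok, err := h.e.IsPushAllowed(user, rbac.ThisServer, repo)
 if err != nil || !ok {
 w.WriteHeader(http.StatusForbidden)
 return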
+6 -5
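--- a/knotserver/routes.go
+++ b/knotserver/routes.go
@@ -29,6 +29,7 @@
 "tangled.sh/tangled.sh/core/knotserver/db"
 "tangled.sh/tangled.sh/core/knotserver/git"
 "tangled.sh/tangled.sh/core/patchutil"
+"tangled.sh/tangled.sh/core/rbac"
 "tangled.sh/tangled.sh/core/types"
 )
 
@@ -674,7 +675,7 @@
 }
 
 // add perms for this user to access the repo
-err = h.e.AddRepo(did, ThisServer, relativeRepoPath)
+err = h.e.AddRepo(did, rbac.ThisServer, relativeRepoPath)
 if err != nil {
 l.Error("adding repo permissions", "error", err.Error())
 writeError(w, err.Error(), http.StatusInternalServerError)
@@ -892,7 +893,7 @@
 }
 
 // add perms for this user to access the repo
-err = h.e.AddRepo(did, ThisServer, relativeRepoPath)
+err = h.e.AddRepo(did, rbac.ThisServer, relativeRepoPath)
 if err != nil {
 l.Error("adding repo permissions", "error", err.Error())
 writeError(w, err.Error(), http.StatusInternalServerError)
@@ -1146,7 +1147,7 @@
 }
 h.jc.AddDid(did)
 
-if err := h.e.AddKnotMember(ThisServer, did); err != nil {
+if err := h.e.AddKnotMember(rbac.ThisServer, did); err != nil {
 l.Error("adding member", "error", err.Error())
 writeError(w, err.Error(), http.StatusInternalServerError)
 return
@@ -1184,7 +1185,7 @@
 h.jc.AddDid(data.Did)
 
 repoName, _ := securejoin.SecureJoin(ownerDid, repo)
-if err := h.e.AddCollaborator(data.Did, ThisServer, repoName); err != nil {
+if err := h.e.AddCollaborator(data.Did, rbac.ThisServer, repoName); err != nil {
 l.Error("adding repo collaborator", "error", err.Error())
 writeError(w, err.Error(), http.StatusInternalServerError)
 return
@@ -1281,7 +1282,7 @@
 }
 h.jc.AddDid(data.Did)
 
-if err := h.e.AddKnotOwner(ThisServer, data.Did); err != nil {
+if err := h.e.AddKnotOwner(rbac.ThisServer, data.Did); err != nil {
 l.Error("adding owner", "error", err.Error())
 writeError(w, err.Error(), http.StatusInternalServerError)
 return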
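Review bot: In the collaborator hunk, `repoName, _ := securejoin.SecureJoin(ownerDid, repo)` discards the error, and the result goes straight into `h.e.AddCollaborator(data.Did, rbac.ThisServer, repoName)` as the object the grant is recorded against. If the join fails, the grant is presumably written for whatever string came back rather than the intended repository, so the error should be checked before the RBAC call: `repoName, err := securejoin.SecureJoin(ownerDid, repo)` then `if err != nil { writeError(w, "invalid repository path", http.StatusBadRequest); return }`. Separately, every failure branch in these hunks sends the enforcer's `err.Error()` to the client with a 500; a fixed message, with the detail kept in the log, would avoid exposing policy-store internals. The handlers start and end outside the hunks.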
-5
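--- a/knotserver/util.go
+++ b/knotserver/util.go
@@ -8,13 +8,8 @@
 "github.com/bluesky-social/indigo/atproto/syntax"
 securejoin "github.com/cyphar/filepath-securejoin"
 "github.com/go-chi/chi/v5"
-"github.com/microcosm-cc/bluemonday"
 )
 
-func sanitize(content []byte) []byte {
-return bluemonday.UGCPolicy().SanitizeBytes([]byte(content))
-}
-
 func didPath(r *http.Request) string {
 did := chi.URLParam(r, "did")
 name := chi.URLParam(r, "name")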
+4
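--- a/rbac/rbac.go
+++ b/rbac/rbac.go
@@ -10,6 +10,10 @@
 "github.com/casbin/casbin/v2/model"
 )
 
+const (
+ThisServer = "thisserver" // resource identifier for local rbac enforcement
+)
+
 const (
 Model = `
 [request_definition]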