Add owner checks

main
DustyP 4 years ago
parent fe0cdbd3cb
commit 215ed8f2ad

@ -7,9 +7,10 @@ type Category struct {
} }
type CategoryService interface { type CategoryService interface {
Category(int) (*Category, error) Category(int, *User) (*Category, error)
AddCategory(*Category) (*Category, error) AddCategory(*Category, *User) (*Category, error)
UpdateCategory(*Category) error UpdateCategory(*Category, *User) error
DeleteCategory(*Category) error DeleteCategory(*Category, *User) error
GetItems(*Category) ([]*Item, error) GetItems(*Category, *User) ([]*Item, error)
GetCategories(*User) ([]*Category, error)
} }
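Review bot: The `*User` argument added to every CategoryService method has no stated contract, so a caller cannot tell whether nil is allowed or what is returned for a category owned by someone else. The implementations in this commit read `user.ID` directly, so a nil user panics instead of being rejected. I would add a comment above the interface such as `// Every method acts only on rows whose owner_id equals user.ID; user must be non-nil.` and name the error that means "not found or not yours". GroupService, ItemService and LocationService gain the same parameter and need the same comment.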

@ -7,9 +7,10 @@ type Group struct {
} }
type GroupService interface { type GroupService interface {
Group(int) (*Group, error) Group(int, *User) (*Group, error)
AddGroup(*Group) (*Group, error) AddGroup(*Group, *User) (*Group, error)
UpdateGroup(*Group) error UpdateGroup(*Group, *User) error
DeleteGroup(*Group) error DeleteGroup(*Group, *User) error
GetItems(*Group) ([]*Item, error) GetItems(*Group, *User) ([]*Item, error)
GetGroups(*User) ([]*Group, error)
} }

@ -11,10 +11,10 @@ type categoryService struct {
db *sql.DB db *sql.DB
} }
func (s categoryService) Category(id int) (*quartermaster.Category, error) { func (s categoryService) Category(id int, user *quartermaster.User) (*quartermaster.Category, error) {
var c quartermaster.Category var c quartermaster.Category
queryString := "SELECT id, name, description FROM categories WHERE id = $1" queryString := "SELECT id, name, description FROM categories WHERE id = $1 AND owner_id = $2"
row := s.db.QueryRow(queryString, id) row := s.db.QueryRow(queryString, id, user.ID)
err := row.Scan(&c.ID, &c.Name, &c.Description) err := row.Scan(&c.ID, &c.Name, &c.Description)
if err != nil { if err != nil {
return nil, err return nil, err
@ -22,25 +22,25 @@ func (s categoryService) Category(id int) (*quartermaster.Category, error) {
return &c, nil return &c, nil
} }
func (s categoryService) AddCategory(c *quartermaster.Category) (*quartermaster.Category, error) { func (s categoryService) AddCategory(c *quartermaster.Category, user *quartermaster.User) (*quartermaster.Category, error) {
queryString := "INSERT INTO categories (name, description) VALUES ($1, $2) RETURNING id" queryString := "INSERT INTO categories (name, description, owner_id) VALUES ($1, $2, $3) RETURNING id"
err := s.db.QueryRow(queryString, c.Name, c.Description).Scan(&c.ID) err := s.db.QueryRow(queryString, c.Name, c.Description, user.ID).Scan(&c.ID)
return c, err return c, err
} }
func (s categoryService) UpdateCategory(c *quartermaster.Category) error { func (s categoryService) UpdateCategory(c *quartermaster.Category, user *quartermaster.User) error {
queryString := "UPDATE categories SET name = $2, description = $3 WHERE id = $1" queryString := "UPDATE categories SET name = $2, description = $3 WHERE id = $1 AND owner_id = $4"
_, err := s.db.Exec(queryString, c.ID, c.Name, c.Description) _, err := s.db.Exec(queryString, c.ID, c.Name, c.Description, user.ID)
return err return err
} }
func (s categoryService) DeleteCategory(c *quartermaster.Category) error { func (s categoryService) DeleteCategory(c *quartermaster.Category, user *quartermaster.User) error {
queryString := "DELETE FROM categories WHERE id = $1" queryString := "DELETE FROM categories WHERE id = $1 AND owner_id = $2"
_, err := s.db.Exec(queryString, c.ID) _, err := s.db.Exec(queryString, c.ID, user.ID)
return err return err
} }
func (s categoryService) GetItems(c *quartermaster.Category) ([]*quartermaster.Item, error) { func (s categoryService) GetItems(c *quartermaster.Category, user *quartermaster.User) ([]*quartermaster.Item, error) {
var items []*quartermaster.Item var items []*quartermaster.Item
queryString := "SELECT item_id FROM x_items_categories WHERE category_id = $1" queryString := "SELECT item_id FROM x_items_categories WHERE category_id = $1"
rows, err := s.db.Query(queryString, c.ID) rows, err := s.db.Query(queryString, c.ID)
@ -54,7 +54,7 @@ func (s categoryService) GetItems(c *quartermaster.Category) ([]*quartermaster.I
log.Println(err) log.Println(err)
continue continue
} }
item, err := ItemService.Item(id) item, err := ItemService.Item(id, user)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
continue continue
@ -63,3 +63,27 @@ func (s categoryService) GetItems(c *quartermaster.Category) ([]*quartermaster.I
} }
return items, nil return items, nil
} }
func (s categoryService) GetCategories(user *quartermaster.User) ([]*quartermaster.Category, error) {
var categories []*quartermaster.Category
queryString := "SELECT id FROM categories WHERE owner_id = $1"
rows, err := s.db.Query(queryString, user.ID)
if err != nil {
return nil, err
}
for rows.Next() {
var c *quartermaster.Category
err := rows.Scan(&c.ID)
if err != nil {
log.Println(err)
continue
}
c, err = s.Category(c.ID, user)
if err != nil {
log.Println(err)
continue
}
categories = append(categories, c)
}
return categories, nil
}
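Review bot: GetCategories declares `var c *quartermaster.Category` and then calls `rows.Scan(&c.ID)`, which dereferences a nil pointer and panics on the first row, so the owner-scoped listing cannot return anything. Scan into a plain `var id int` and pass it on with `c, err := s.Category(id, user)`. The function also never calls `rows.Close()` or checks `rows.Err()`; a `defer rows.Close()` after the query's error check would release the connection on every path. GetGroups in the groupService section has the same nil-pointer pattern with `var g *quartermaster.Group`.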

@ -11,10 +11,10 @@ type groupService struct {
db *sql.DB db *sql.DB
} }
func (s groupService) Group(id int) (*quartermaster.Group, error) { func (s groupService) Group(id int, user *quartermaster.User) (*quartermaster.Group, error) {
var g quartermaster.Group var g quartermaster.Group
queryString := "SELECT id, name, description FROM groups WHERE id = $1" queryString := "SELECT id, name, description FROM groups WHERE id = $1 AND owner_id = $2"
row := s.db.QueryRow(queryString, id) row := s.db.QueryRow(queryString, id, user.ID)
err := row.Scan(&g.ID, &g.Name, &g.Description) err := row.Scan(&g.ID, &g.Name, &g.Description)
if err != nil { if err != nil {
return nil, err return nil, err
@ -22,25 +22,25 @@ func (s groupService) Group(id int) (*quartermaster.Group, error) {
return &g, nil return &g, nil
} }
func (s groupService) AddGroup(g *quartermaster.Group) (*quartermaster.Group, error) { func (s groupService) AddGroup(g *quartermaster.Group, user *quartermaster.User) (*quartermaster.Group, error) {
queryString := "INSERT INTO groups (name, description) VALUES ($1, $2) RETURNING id" queryString := "INSERT INTO groups (name, description, owner_id) VALUES ($1, $2, $3) RETURNING id"
err := s.db.QueryRow(queryString, g.Name, g.Description).Scan(&g.ID) err := s.db.QueryRow(queryString, g.Name, g.Description, user.ID).Scan(&g.ID)
return g, err return g, err
} }
func (s groupService) UpdateGroup(g *quartermaster.Group) error { func (s groupService) UpdateGroup(g *quartermaster.Group, user *quartermaster.User) error {
queryString := "UPDATE groups SET name = $2, description = $3 WHERE id = $1" queryString := "UPDATE groups SET name = $2, description = $3 WHERE id = $1 AND owner_id = $4"
_, err := s.db.Exec(queryString, g.ID, g.Name, g.Description) _, err := s.db.Exec(queryString, g.ID, g.Name, g.Description, user.ID)
return err return err
} }
func (s groupService) DeleteGroup(g *quartermaster.Group) error { func (s groupService) DeleteGroup(g *quartermaster.Group, user *quartermaster.User) error {
queryString := "DELETE FROM groups WHERE id = $1" queryString := "DELETE FROM groups WHERE id = $1 AND owner_id = $2"
_, err := s.db.Exec(queryString, g.ID) _, err := s.db.Exec(queryString, g.ID, user.ID)
return err return err
} }
func (s groupService) GetItems(g *quartermaster.Group) ([]*quartermaster.Item, error) { func (s groupService) GetItems(g *quartermaster.Group, user *quartermaster.User) ([]*quartermaster.Item, error) {
var items []*quartermaster.Item var items []*quartermaster.Item
queryString := "SELECT item_id FROM x_items_groups WHERE group_id = $1" queryString := "SELECT item_id FROM x_items_groups WHERE group_id = $1"
rows, err := s.db.Query(queryString, g.ID) rows, err := s.db.Query(queryString, g.ID)
@ -54,7 +54,7 @@ func (s groupService) GetItems(g *quartermaster.Group) ([]*quartermaster.Item, e
log.Println(err) log.Println(err)
continue continue
} }
item, err := ItemService.Item(id) item, err := ItemService.Item(id, user)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
continue continue
@ -63,3 +63,27 @@ func (s groupService) GetItems(g *quartermaster.Group) ([]*quartermaster.Item, e
} }
return items, nil return items, nil
} }
func (s groupService) GetGroups(user *quartermaster.User) ([]*quartermaster.Group, error) {
var groups []*quartermaster.Group
queryString := "SELECT id FROM groups WHERE owner_id = $1"
rows, err := s.db.Query(queryString, user.ID)
if err != nil {
return nil, err
}
for rows.Next() {
var g *quartermaster.Group
err := rows.Scan(&g.ID)
if err != nil {
log.Println(err)
continue
}
g, err = s.Group(g.ID, user)
if err != nil {
log.Println(err)
continue
}
groups = append(groups, g)
}
return groups, nil
}
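Review bot: UpdateGroup and DeleteGroup discard the result of `s.db.Exec`, so a request for a group the user does not own matches zero rows and still returns nil. The caller then reports success for a write that was refused, and a refused cross-owner attempt leaves nothing to log or alert on. Keep the result and check it, for example `if n, err := res.RowsAffected(); err == nil && n == 0 { return sql.ErrNoRows }`. The Update and Delete methods of categoryService, itemService and locationService are written the same way.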

@ -11,10 +11,10 @@ type itemService struct {
db *sql.DB db *sql.DB
} }
func (s itemService) Item(id int) (*quartermaster.Item, error) { func (s itemService) Item(id int, user *quartermaster.User) (*quartermaster.Item, error) {
var i quartermaster.Item var i quartermaster.Item
queryString := "SELECT id, name, description, size, unit, barcode, nutrition_id FROM items WHERE id = $1" queryString := "SELECT id, name, description, size, unit, barcode, nutrition_id FROM items WHERE id = $1 AND owner_id = $2"
row := s.db.QueryRow(queryString, id) row := s.db.QueryRow(queryString, id, user.ID)
var nutrition_id sql.NullInt32 var nutrition_id sql.NullInt32
err := row.Scan(&i.ID, &i.Name, &i.Description, &i.Size, &i.Unit, &i.Barcode, &nutrition_id) err := row.Scan(&i.ID, &i.Name, &i.Description, &i.Size, &i.Unit, &i.Barcode, &nutrition_id)
if err != nil { if err != nil {
@ -32,7 +32,7 @@ func (s itemService) Item(id int) (*quartermaster.Item, error) {
return &i, nil return &i, nil
} }
func (s itemService) AddItem(i *quartermaster.Item, l *quartermaster.Location) (*quartermaster.Item, error) { func (s itemService) AddItem(i *quartermaster.Item, l *quartermaster.Location, user *quartermaster.User) (*quartermaster.Item, error) {
var err error var err error
if i.ID == 0 { if i.ID == 0 {
if i.Nutrition != nil { if i.Nutrition != nil {
@ -41,8 +41,8 @@ func (s itemService) AddItem(i *quartermaster.Item, l *quartermaster.Location) (
log.Println(err) log.Println(err)
} }
} }
queryString := "INSERT INTO items (name, description, size, unit, barcode, nutrition_id) VALUES ($1, $2, $3, $4, $5, $6) RETURNING id" queryString := "INSERT INTO items (name, description, size, unit, barcode, nutrition_id, owner_id) VALUES ($1, $2, $3, $4, $5, $6, $7) RETURNING id"
err := s.db.QueryRow(queryString, i.Name, i.Description, i.Size, i.Unit, i.Barcode, i.Nutrition.ID).Scan(&i.ID) err := s.db.QueryRow(queryString, i.Name, i.Description, i.Size, i.Unit, i.Barcode, i.Nutrition.ID, user.ID).Scan(&i.ID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -76,21 +76,21 @@ func (s itemService) RemoveGroup(i *quartermaster.Item, g *quartermaster.Group)
return err return err
} }
func (s itemService) DeleteItem(i *quartermaster.Item) error { func (s itemService) DeleteItem(i *quartermaster.Item, user *quartermaster.User) error {
queryString := "DELETE FROM items WHERE id = $1" queryString := "DELETE FROM items WHERE id = $1 AND owner_id = $2"
_, err := s.db.Exec(queryString, i.ID) _, err := s.db.Exec(queryString, i.ID, user.ID)
return err return err
} }
func (s itemService) GetItemByBarcode(b string) (*quartermaster.Item, error) { func (s itemService) GetItemByBarcode(b string, user *quartermaster.User) (*quartermaster.Item, error) {
queryString := "SELECT id FROM items WHERE barcode = $1" queryString := "SELECT id FROM items WHERE barcode = $1 AND owner_id = $2"
row := s.db.QueryRow(queryString, b) row := s.db.QueryRow(queryString, b, user.ID)
var id int var id int
err := row.Scan(&id) err := row.Scan(&id)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return s.Item(id) return s.Item(id, user)
} }
func (s itemService) RemoveItem(i *quartermaster.Item, l *quartermaster.Location) error { func (s itemService) RemoveItem(i *quartermaster.Item, l *quartermaster.Location) error {
@ -108,16 +108,16 @@ func (s itemService) RemoveItem(i *quartermaster.Item, l *quartermaster.Location
return nil return nil
} }
func (s itemService) MoveItem(i *quartermaster.Item, old, new *quartermaster.Location) error { func (s itemService) MoveItem(i *quartermaster.Item, old, new *quartermaster.Location, user *quartermaster.User) error {
err := s.RemoveItem(i, old) err := s.RemoveItem(i, old)
if err != nil { if err != nil {
return err return err
} }
_, err = s.AddItem(i, new) _, err = s.AddItem(i, new, user)
return err return err
} }
func (s itemService) UpdateItem(i *quartermaster.Item) error { func (s itemService) UpdateItem(i *quartermaster.Item, user *quartermaster.User) error {
var err error var err error
if i.Nutrition != nil { if i.Nutrition != nil {
if i.Nutrition.ID == 0 { if i.Nutrition.ID == 0 {
@ -132,7 +132,7 @@ func (s itemService) UpdateItem(i *quartermaster.Item) error {
} }
} }
} }
queryString := "UPDATE items SET name = $2, description = $3, size = $4, unit = $5, barcode = $6, nutrition_id = $7, WHERE id = $1" queryString := "UPDATE items SET name = $2, description = $3, size = $4, unit = $5, barcode = $6, nutrition_id = $7, WHERE id = $1 AND owner_id = $8"
_, err = s.db.Exec(queryString, i.ID, i.Name, i.Description, i.Size, i.Unit, i.Barcode, i.Nutrition.ID) _, err = s.db.Exec(queryString, i.ID, i.Name, i.Description, i.Size, i.Unit, i.Barcode, i.Nutrition.ID, user.ID)
return err return err
} }
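Review bot: The rewritten UpdateItem statement still reads `nutrition_id = $7, WHERE id = $1 AND owner_id = $8`; the comma before WHERE is a SQL syntax error, so the statement is rejected on every call and the new owner filter is never exercised. It should read `nutrition_id = $7 WHERE id = $1 AND owner_id = $8`. The Exec on the next line also passes `i.Nutrition.ID` after what appears to be the end of the `if i.Nutrition != nil` block, which would panic for an item without nutrition data; part of the function lies outside the hunk, so confirm against the full body. The insert in AddItem passes `i.Nutrition.ID` the same way.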

@ -11,17 +11,17 @@ type locationService struct {
db *sql.DB db *sql.DB
} }
func (s locationService) Location(id int) (*quartermaster.Location, error) { func (s locationService) Location(id int, user *quartermaster.User) (*quartermaster.Location, error) {
var l quartermaster.Location var l quartermaster.Location
var parent_id sql.NullInt32 var parent_id sql.NullInt32
queryString := "SELECT id, name, description, parent_id FROM locations WHERE id = $1" queryString := "SELECT id, name, description, parent_id FROM locations WHERE id = $1 AND owner_id = $2"
row := s.db.QueryRow(queryString, id) row := s.db.QueryRow(queryString, id, user.ID)
err := row.Scan(&l.ID, &l.Name, &l.Description, &parent_id) err := row.Scan(&l.ID, &l.Name, &l.Description, &parent_id)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if parent_id.Valid { if parent_id.Valid {
p, err := s.Location(int(parent_id.Int32)) p, err := s.Location(int(parent_id.Int32), user)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -30,38 +30,38 @@ func (s locationService) Location(id int) (*quartermaster.Location, error) {
return &l, nil return &l, nil
} }
func (s locationService) AddLocation(l *quartermaster.Location) (*quartermaster.Location, error) { func (s locationService) AddLocation(l *quartermaster.Location, user *quartermaster.User) (*quartermaster.Location, error) {
queryString := "INSERT INTO locations (name, description, parent_id VALUES ($1, $2, $3) RETURNING id" queryString := "INSERT INTO locations (name, description, parent_id, owner_id) VALUES ($1, $2, $3, $4) RETURNING id"
var err error var err error
if l.Parent != nil { if l.Parent != nil {
err = s.db.QueryRow(queryString, l.Name, l.Description, l.Parent.ID).Scan(&l.ID) err = s.db.QueryRow(queryString, l.Name, l.Description, l.Parent.ID, user.ID).Scan(&l.ID)
} else { } else {
err = s.db.QueryRow(queryString, l.Name, l.Description, nil).Scan(&l.ID) err = s.db.QueryRow(queryString, l.Name, l.Description, nil, user.ID).Scan(&l.ID)
} }
return l, err return l, err
} }
func (s locationService) UpdateLocation(l *quartermaster.Location) error { func (s locationService) UpdateLocation(l *quartermaster.Location, user *quartermaster.User) error {
queryString := "UPDATE locations SET name = $2, description = $3, parent_id = $4 WHERE id = $1" queryString := "UPDATE locations SET name = $2, description = $3, parent_id = $4 WHERE id = $1 AND owner_id = $5"
var err error var err error
if l.Parent != nil { if l.Parent != nil {
_, err = s.db.Exec(queryString, l.ID, l.Name, l.Description, l.Parent.ID) _, err = s.db.Exec(queryString, l.ID, l.Name, l.Description, l.Parent.ID, user.ID)
} else { } else {
_, err = s.db.Exec(queryString, l.ID, l.Name, l.Description, nil) _, err = s.db.Exec(queryString, l.ID, l.Name, l.Description, nil, user.ID)
} }
return err return err
} }
func (s locationService) DeleteLocation(l *quartermaster.Location) error { func (s locationService) DeleteLocation(l *quartermaster.Location, user *quartermaster.User) error {
queryString := "DELETE FROM locations WHERE id = $1" queryString := "DELETE FROM locations WHERE id = $1 AND owner_id = $2"
_, err := s.db.Exec(queryString, l.ID) _, err := s.db.Exec(queryString, l.ID, user.ID)
return err return err
} }
func (s locationService) GetChildren(l *quartermaster.Location) ([]*quartermaster.Location, error) { func (s locationService) GetChildren(l *quartermaster.Location, user *quartermaster.User) ([]*quartermaster.Location, error) {
var locations []*quartermaster.Location var locations []*quartermaster.Location
queryString := "SELECT id FROM locations WHERE parent_id = $1" queryString := "SELECT id FROM locations WHERE parent_id = $1 AND owner_id = $2"
rows, err := s.db.Query(queryString, l.ID) rows, err := s.db.Query(queryString, l.ID, user.ID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -72,7 +72,7 @@ func (s locationService) GetChildren(l *quartermaster.Location) ([]*quartermaste
log.Println(err) log.Println(err)
continue continue
} }
location, err := s.Location(id) location, err := s.Location(id, user)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
continue continue
@ -82,7 +82,7 @@ func (s locationService) GetChildren(l *quartermaster.Location) ([]*quartermaste
return locations, nil return locations, nil
} }
func (s locationService) GetItems(l *quartermaster.Location) (map[*quartermaster.Item]int, error) { func (s locationService) GetItems(l *quartermaster.Location, user *quartermaster.User) (map[*quartermaster.Item]int, error) {
items := make(map[*quartermaster.Item]int) items := make(map[*quartermaster.Item]int)
queryString := "SELECT item_id, count FROM x_items_locations WHERE location_id = $1" queryString := "SELECT item_id, count FROM x_items_locations WHERE location_id = $1"
rows, err := s.db.Query(queryString, l.ID) rows, err := s.db.Query(queryString, l.ID)
@ -96,7 +96,7 @@ func (s locationService) GetItems(l *quartermaster.Location) (map[*quartermaster
log.Println(err) log.Println(err)
continue continue
} }
item, err := ItemService.Item(id) item, err := ItemService.Item(id, user)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
continue continue
@ -106,10 +106,10 @@ func (s locationService) GetItems(l *quartermaster.Location) (map[*quartermaster
return items, nil return items, nil
} }
func (s locationService) GetTopLocations() ([]*quartermaster.Location, error) { func (s locationService) GetTopLocations(user *quartermaster.User) ([]*quartermaster.Location, error) {
var locations []*quartermaster.Location var locations []*quartermaster.Location
queryString := "SELECT id FROM locations WHERE parent_id IS NULL" queryString := "SELECT id FROM locations WHERE parent_id IS NULL AND owner_id = $1"
rows, err := s.db.Query(queryString) rows, err := s.db.Query(queryString, user.ID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -120,7 +120,7 @@ func (s locationService) GetTopLocations() ([]*quartermaster.Location, error) {
log.Println(err) log.Println(err)
continue continue
} }
l, err := s.Location(id) l, err := s.Location(id, user)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
continue continue
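Review bot: AddLocation and UpdateLocation write `l.Parent.ID` into parent_id without checking that the parent location belongs to `user`, so a row can end up pointing at another owner's location. Location then resolves the parent with the same user and returns its error, which would make such a child unreadable for its own owner. Resolving the parent first closes this, e.g. `if _, err := s.Location(l.Parent.ID, user); err != nil { return nil, err }` inside the `l.Parent != nil` branch (returning just `err` in UpdateLocation). GetItems in this file also reads x_items_locations by location_id alone and relies on the per-item owner filter; checking the location's owner up front would make the authorization decision explicit.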

@ -13,13 +13,13 @@ type Item struct {
} }
type ItemService interface { type ItemService interface {
Item(int) (*Item, error) Item(int, *User) (*Item, error)
AddItem(*Item, *Location) (*Item, error) AddItem(*Item, *Location, *User) (*Item, error)
UpdateItem(*Item) error UpdateItem(*Item, *User) error
MoveItem(item *Item, old *Location, new *Location) error MoveItem(item *Item, old *Location, new *Location, user *User) error
RemoveItem(*Item, *Location) error RemoveItem(*Item, *Location) error
DeleteItem(*Item) error DeleteItem(*Item, *User) error
GetItemByBarcode(barcode string) (*Item, error) GetItemByBarcode(barcode string, user *User) (*Item, error)
AddGroup(*Item, *Group) error AddGroup(*Item, *Group) error
AddCategory(*Item, *Category) error AddCategory(*Item, *Category) error
RemoveGroup(*Item, *Group) error RemoveGroup(*Item, *Group) error
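Review bot: RemoveItem, AddGroup, AddCategory and RemoveGroup keep their old signatures, so these four operations still have no owner to check against while the rest of ItemService is scoped. MoveItem in the implementation calls `s.RemoveItem(i, old)` before the scoped AddItem, so the removal half of a move is unscoped as well; RemoveItem's body is not visible here, so this is inferred from the signature. I would give each of them a trailing `*User`, e.g. `RemoveItem(*Item, *Location, *User) error`, and have the link-table statements verify the owner of the item involved. The interface body continues past the end of this hunk.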

@ -8,11 +8,11 @@ type Location struct {
} }
type LocationService interface { type LocationService interface {
Location(int) (*Location, error) Location(int, *User) (*Location, error)
AddLocation(*Location) (*Location, error) AddLocation(*Location, *User) (*Location, error)
UpdateLocation(*Location) error UpdateLocation(*Location, *User) error
DeleteLocation(*Location) error DeleteLocation(*Location, *User) error
GetChildren(*Location) ([]*Location, error) GetChildren(*Location, *User) ([]*Location, error)
GetItems(*Location) (map[*Item]int, error) GetItems(*Location, *User) (map[*Item]int, error)
GetTopLocations() ([]*Location, error) GetTopLocations(*User) ([]*Location, error)
} }

@ -0,0 +1,9 @@
package location
import "github.com/gorilla/mux"
func GetRouter() *mux.Router {
router := mux.NewRouter().StrictSlash(true)
router.HandleFunc("/", location).Methods("GET")
return router
}
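Review bot: The route is registered with `.Methods("GET")`, but the `location` handler added in this commit only acts when `r.Method == "POST"`, so `addLocation` can never be reached and a GET receives an empty 200. Either register the methods the handler serves, `router.HandleFunc("/", location).Methods("GET", "POST")`, or give POST its own route pointing at `addLocation`. No authentication middleware is attached to this router in the visible lines; if the parent router does not apply one, the handlers have no authenticated user to pass to the owner-scoped service methods.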

@ -0,0 +1,13 @@
package location
import "net/http"
func location(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" {
addLocation(w, r)
}
}
func addLocation(w http.ResponseWriter, r *http.Request) {
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff