YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: impl user access token api

Browse Source
This commit is contained in:
Steven
2023-09-14 20:16:17 +08:00
parent 41e26f56e9
commit 42bd9b194b
26 changed files with 507 additions and 240 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
api/v2/memo_service.go
View File

@@ -42,9 +42,9 @@ func (s *MemoService) ListMemos(ctx context.Context, request *apiv2pb.ListMemosR
memoFind.CreatedTsAfter = filter.CreatedTsAfter
}
}
userIDPtr := ctx.Value(UserIDContextKey)
user, _ := getCurrentUser(ctx, s.Store)
// If the user is not authenticated, only public memos are visible.
if userIDPtr == nil {
if user == nil {
memoFind.VisibilityList = []store.Visibility{store.Public}
}
if request.PageSize != 0 {
@@ -80,12 +80,14 @@ func (s *MemoService) GetMemo(ctx context.Context, request *apiv2pb.GetMemoReque
return nil, status.Errorf(codes.NotFound, "memo not found")
}
if memo.Visibility != store.Public {
userIDPtr := ctx.Value(UserIDContextKey)
if userIDPtr == nil {
return nil, status.Errorf(codes.Unauthenticated, "unauthenticated")
user, err := getCurrentUser(ctx, s.Store)
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to get user")
}
userID := userIDPtr.(int32)
if memo.Visibility == store.Private && memo.CreatorID != userID {
if user == nil {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
if memo.Visibility == store.Private && memo.CreatorID != user.ID {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
}