make insights depend on security and refactor access granting

2015-12-09 00:20:15 +07:00 · 2015-12-09 00:20:15 +07:00 · 0aec2e9579
parent 2acdad4e18
commit 0aec2e9579
3 changed files with 19 additions and 18 deletions
--- a/app/controllers/Insight.scala
+++ b/app/controllers/Insight.scala
@ -58,21 +58,19 @@ object Insight extends LilaController {

  private def Accessible(username: String)(f: lila.user.User => Fu[Result])(implicit ctx: Context) =
    lila.user.UserRepo named username flatMap {
-      case None => notFound
-      case Some(u) => env.share.grant(u, ctx.me) flatMap {
-        case true                             => f(u)
-        case false if isGranted(_.SeeInsight) => f(u)
-        case false                            => fuccess(Forbidden(html.insight.forbidden(u)))
+      _.fold(notFound) { u =>
+        env.share.grant(u, ctx.me) flatMap {
+          _.fold(f(u), fuccess(Forbidden(html.insight.forbidden(u))))
+        }
      }
    }

  private def AccessibleJson(username: String)(f: lila.user.User => Fu[Result])(implicit ctx: Context) =
    lila.user.UserRepo named username flatMap {
-      case None => notFoundJson(s"No such user: $username")
-      case Some(u) => env.share.grant(u, ctx.me) flatMap {
-        case true                             => f(u)
-        case false if isGranted(_.SeeInsight) => f(u)
-        case false                            => fuccess(Forbidden(Json.obj("error" -> s"User $username data is protected")))
+      _.fold(notFoundJson(s"No such user: $username")) { u =>
+        env.share.grant(u, ctx.me) flatMap {
+          _.fold(f(u), fuccess(Forbidden(Json.obj("error" -> s"User $username data is protected"))))
+        }
      }
    } map (_ as JSON)
 }
--- a/modules/insight/src/main/Share.scala
+++ b/modules/insight/src/main/Share.scala
@ -1,6 +1,7 @@
 package lila.insight

 import lila.pref.Pref
+import lila.security.Granter
 import lila.user.User

 final class Share(
@ -9,12 +10,14 @@ final class Share(

  def getPrefId(insighted: User) = getPref(insighted.id) map (_.insightShare)

-  def grant(insighted: User, to: Option[User]): Fu[Boolean] = getPref(insighted.id) flatMap { pref =>
-    pref.insightShare match {
-      case _ if to.contains(insighted) => fuccess(true)
-      case Pref.InsightShare.EVERYBODY => fuccess(true)
-      case Pref.InsightShare.FRIENDS   => to ?? { t => areFriends(insighted.id, t.id) }
-      case Pref.InsightShare.NOBODY    => fuccess(false)
+  def grant(insighted: User, to: Option[User]): Fu[Boolean] =
+    if (to ?? Granter(_.SeeInsight)) fuccess(true)
+    else getPref(insighted.id) flatMap { pref =>
+      pref.insightShare match {
+        case _ if to.contains(insighted) => fuccess(true)
+        case Pref.InsightShare.EVERYBODY => fuccess(true)
+        case Pref.InsightShare.FRIENDS   => to ?? { t => areFriends(insighted.id, t.id) }
+        case Pref.InsightShare.NOBODY    => fuccess(false)
+      }
    }
-  }
 }
--- a/project/Build.scala
+++ b/project/Build.scala
@ -190,7 +190,7 @@ object ApplicationBuild extends Build {
  )

  lazy val insight = project("insight",
-    Seq(common, chess, game, user, analyse, relation, pref, socket, round)
+    Seq(common, chess, game, user, analyse, relation, pref, socket, round, security)
  ).settings(
      libraryDependencies ++= provided(play.api, RM, PRM)
    )