notid/integreat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes permissions issues

Browse Source
This commit is contained in:
Bryce
2023-09-04 14:13:53 -07:00
parent dcf1c8d990
commit 44dd04f788
1 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/clj/auto_ap/handler.clj
View File

@@ -197,13 +197,14 @@
(map :db/id )
set)
client-ids (if (set? limited-clients)
client-ids (if (= "admin" (:user/role identity))
ideal-ids
(set/intersection ideal-ids
limited-clients)
ideal-ids)
clients (pull-many (dc/db conn)
d-clients/full-read
client-ids)]
(or limited-clients #{})))
clients (some->> client-ids
seq
(pull-many (dc/db conn)
d-clients/full-read))]
(lc/with-context {:clients (map :client/code clients)}
(handler (assoc request
:clients clients
@@ -214,10 +215,16 @@
[handler]
(fn [{:keys [headers identity] :as request}]
(let [x-clients (edn/read-string (get headers "x-clients"))
_ (when-let [client-id (and x-clients
(sequential? x-clients)
(first x-clients))]
(assert-can-see-client identity client-id))
x-clients (try (if-let [client-id (and x-clients
(sequential? x-clients)
(first x-clients))]
(do
(assert-can-see-client identity client-id)
[client-id])
x-clients)
(catch Exception e
(alog/warn ::cant-access :error e)
:all))
new-request (if x-clients
(assoc-in request [:session :client-selection] x-clients)
request)]