notid/integreat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes permissions issues

Browse Source
This commit is contained in:
Bryce
2023-09-04 14:13:53 -07:00
parent dcf1c8d990
commit 44dd04f788
1 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/clj/auto_ap/handler.clj
View File

@@ -197,13 +197,14 @@
(map :db/id ) (map :db/id )
set) set)
client-ids (if (set? limited-clients) client-ids (if (= "admin" (:user/role identity))
ideal-ids
(set/intersection ideal-ids (set/intersection ideal-ids
limited-clients) (or limited-clients #{})))
ideal-ids) clients (some->> client-ids
clients (pull-many (dc/db conn) seq
d-clients/full-read (pull-many (dc/db conn)
client-ids)] d-clients/full-read))]
(lc/with-context {:clients (map :client/code clients)} (lc/with-context {:clients (map :client/code clients)}
(handler (assoc request (handler (assoc request
:clients clients :clients clients
@@ -214,10 +215,16 @@
[handler] [handler]
(fn [{:keys [headers identity] :as request}] (fn [{:keys [headers identity] :as request}]
(let [x-clients (edn/read-string (get headers "x-clients")) (let [x-clients (edn/read-string (get headers "x-clients"))
_ (when-let [client-id (and x-clients x-clients (try (if-let [client-id (and x-clients
(sequential? x-clients) (sequential? x-clients)
(first x-clients))] (first x-clients))]
(assert-can-see-client identity client-id)) (do
(assert-can-see-client identity client-id)
[client-id])
x-clients)
(catch Exception e
(alog/warn ::cant-access :error e)
:all))
new-request (if x-clients new-request (if x-clients
(assoc-in request [:session :client-selection] x-clients) (assoc-in request [:session :client-selection] x-clients)
request)] request)]