Example #1
0
// setAllowHeader builds a Allow header based on the resource configuration.
func setAllowHeader(headers http.Header, isItem bool, conf resource.Conf) {
	methods := []string{}
	if isItem {
		// Methods are sorted
		if conf.IsModeAllowed(resource.Update) {
			methods = append(methods, "DELETE")
		}
		if conf.IsModeAllowed(resource.Read) {
			methods = append(methods, "GET, HEAD")
		}
		if conf.IsModeAllowed(resource.Update) {
			methods = append(methods, "PATCH")
			// See http://tools.ietf.org/html/rfc5789#section-3
			headers.Set("Allow-Patch", "application/json")
		}
		if conf.IsModeAllowed(resource.Create) || conf.IsModeAllowed(resource.Replace) {
			methods = append(methods, "PUT")
		}
	} else {
		// Methods are sorted
		if conf.IsModeAllowed(resource.Clear) {
			methods = append(methods, "DELETE")
		}
		if conf.IsModeAllowed(resource.List) {
			methods = append(methods, "GET, HEAD")
		}
		if conf.IsModeAllowed(resource.Create) {
			methods = append(methods, "POST")
		}
	}
	if len(methods) > 0 {
		headers.Set("Allow", strings.Join(methods, ", "))
	}
}
Example #2
0
// isMethodAllowed returns true if the method is allowed by the configuration
func isMethodAllowed(isItem bool, method string, conf resource.Conf) bool {
	if isItem {
		switch method {
		case http.MethodOptions:
			return true
		case http.MethodHead, http.MethodGet:
			return conf.IsModeAllowed(resource.Read)
		case http.MethodPut:
			return conf.IsModeAllowed(resource.Create) || conf.IsModeAllowed(resource.Replace)
		case http.MethodPatch:
			return conf.IsModeAllowed(resource.Update)
		case http.MethodDelete:
			return conf.IsModeAllowed(resource.Delete)
		}
	} else {
		switch method {
		case http.MethodOptions:
			return true
		case http.MethodHead, http.MethodGet:
			return conf.IsModeAllowed(resource.List)
		case http.MethodPost:
			return conf.IsModeAllowed(resource.Create)
		case http.MethodDelete:
			return conf.IsModeAllowed(resource.Clear)
		}
	}
	return false
}