// setAllowHeader builds a Allow header based on the resource configuration. func setAllowHeader(headers http.Header, isItem bool, conf resource.Conf) { methods := []string{} if isItem { // Methods are sorted if conf.IsModeAllowed(resource.Update) { methods = append(methods, "DELETE") } if conf.IsModeAllowed(resource.Read) { methods = append(methods, "GET, HEAD") } if conf.IsModeAllowed(resource.Update) { methods = append(methods, "PATCH") // See http://tools.ietf.org/html/rfc5789#section-3 headers.Set("Allow-Patch", "application/json") } if conf.IsModeAllowed(resource.Create) || conf.IsModeAllowed(resource.Replace) { methods = append(methods, "PUT") } } else { // Methods are sorted if conf.IsModeAllowed(resource.Clear) { methods = append(methods, "DELETE") } if conf.IsModeAllowed(resource.List) { methods = append(methods, "GET, HEAD") } if conf.IsModeAllowed(resource.Create) { methods = append(methods, "POST") } } if len(methods) > 0 { headers.Set("Allow", strings.Join(methods, ", ")) } }
// isMethodAllowed returns true if the method is allowed by the configuration func isMethodAllowed(isItem bool, method string, conf resource.Conf) bool { if isItem { switch method { case http.MethodOptions: return true case http.MethodHead, http.MethodGet: return conf.IsModeAllowed(resource.Read) case http.MethodPut: return conf.IsModeAllowed(resource.Create) || conf.IsModeAllowed(resource.Replace) case http.MethodPatch: return conf.IsModeAllowed(resource.Update) case http.MethodDelete: return conf.IsModeAllowed(resource.Delete) } } else { switch method { case http.MethodOptions: return true case http.MethodHead, http.MethodGet: return conf.IsModeAllowed(resource.List) case http.MethodPost: return conf.IsModeAllowed(resource.Create) case http.MethodDelete: return conf.IsModeAllowed(resource.Clear) } } return false }