func upsertPermissionsHandler(mapper *pgmapper.Mapper, objectIdExtractor idextractor.Extractor) http.Handler {
result := func(w http.ResponseWriter, r *http.Request) {
objectId, err := objectIdExtractor(r)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
ids, ok := r.URL.Query()["sid"]
entity := make(map[string]interface{})
err = json.NewDecoder(r.Body).Decode(&entity)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
if ok {
err = mapper.Execute("SELECT insert_bulk_permissions(%v)", objectId, entity["create_permission"], entity["read_permission"], entity["update_permission"], entity["delete_permission"], ids)
} else {
_, err = mapper.ExecuteRaw("insert into acl_entries(object_id,sid,create_permission,read_permission,update_permission,delete_permission) values($1,$2,$3,$4,$5,$6) ON CONFLICT (object_id,sid) DO UPDATE SET create_permission = $3, read_permission = $4, update_permission = $5, delete_permission = $6 where acl_entries.sid = $2 AND acl_entries.object_id = $1", objectId, entity["sid"], entity["create_permission"], entity["read_permission"], entity["update_permission"], entity["delete_permission"])
}
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
}
return http.Handler(http.HandlerFunc(result))
}
func deleteObjectHandler(mapper *pgmapper.Mapper, extractor idextractor.Extractor) http.Handler {
result := func(w http.ResponseWriter, r *http.Request) {
objectId, err := extractor(r)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
_, err = mapper.ExecuteRaw("delete from object_identities where id = $1", objectId)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
}
return http.Handler(http.HandlerFunc(result))
}
