Stuce/sTodo
1
0
Fork 0
Code Issues Pull requests Projects Releases 3 Packages Wiki Activity Actions

removed middleware

Browse source
This commit is contained in:
Stuce 2025-07-02 17:13:50 +01:00
parent 6b8781760c
commit c63309b9e8
4 changed files with 8 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/Foundation.hs
View file

@ -20,8 +20,6 @@ import Control.Monad.Logger (LogSource)
import Yesod.Default.Util (addStaticContentExternal) import Yesod.Default.Util (addStaticContentExternal)
import Yesod.Core.Types (Logger) import Yesod.Core.Types (Logger)
import qualified Yesod.Core.Unsafe as Unsafe import qualified Yesod.Core.Unsafe as Unsafe
import qualified Data.CaseInsensitive as CI
import qualified Data.Text.Encoding as TE
-- | The foundation datatype for your application. This can be a good place to -- | The foundation datatype for your application. This can be a good place to
-- keep settings and values requiring initialization before your application -- keep settings and values requiring initialization before your application
@ -91,8 +89,8 @@ instance Yesod App where
-- b) Validates that incoming write requests include that token in either a header or POST parameter. -- b) Validates that incoming write requests include that token in either a header or POST parameter.
-- To add it, chain it together with the defaultMiddleware: yesodMiddleware = defaultYesodMiddleware . defaultCsrfMiddleware -- To add it, chain it together with the defaultMiddleware: yesodMiddleware = defaultYesodMiddleware . defaultCsrfMiddleware
-- For details, see the CSRF documentation in the Yesod.Core.Handler module of the yesod-core package. -- For details, see the CSRF documentation in the Yesod.Core.Handler module of the yesod-core package.
yesodMiddleware :: ToTypedContent res => Handler res -> Handler res -- yesodMiddleware :: ToTypedContent res => Handler res -> Handler res
yesodMiddleware = defaultYesodMiddleware . defaultCsrfMiddleware -- yesodMiddleware = defaultYesodMiddleware . defaultCsrfMiddleware
defaultLayout :: Widget -> Handler Html defaultLayout :: Widget -> Handler Html
defaultLayout widget = do defaultLayout widget = do
@ -111,13 +109,12 @@ instance Yesod App where
$(widgetFile "default-layout") $(widgetFile "default-layout")
withUrlRenderer $(hamletFile "templates/default-layout-wrapper.hamlet") withUrlRenderer $(hamletFile "templates/default-layout-wrapper.hamlet")
isAuthorized -- isAuthorized
:: Route App -- ^ The route the user is visiting. -- :: Route App -- ^ The route the user is visiting.
-> Bool -- ^ Whether or not this is a "write" request. -- -> Bool -- ^ Whether or not this is a "write" request.
-> Handler AuthResult -- -> Handler AuthResult
-- Routes not requiring authentication. -- -- Routes not requiring authentication.
-- TODO: check this bullshit if need to change it or not (prolly authelia problem) -- isAuthorized _ _ = return Authorized
isAuthorized _ _ = return Authorized
-- This function creates static content files in the static folder -- This function creates static content files in the static folder
@ -208,7 +205,6 @@ getUserId = do
dbIfAuth :: GroupId -> ReaderT SqlBackend (HandlerFor App) b -> HandlerFor App b dbIfAuth :: GroupId -> ReaderT SqlBackend (HandlerFor App) b -> HandlerFor App b
dbIfAuth groupId action = do dbIfAuth groupId action = do
-- TODO: decide if we prefer fast (rawSql) or safe (type safe persist query) after in production latency tests -- TODO: decide if we prefer fast (rawSql) or safe (type safe persist query) after in production latency tests
-- TODO: optimize the persist implementation anyway
user <- getUserId user <- getUserId
result <- runDB $ selectFirst [GroupUserUser ==. user, GroupUserGroupId ==. groupId] [] result <- runDB $ selectFirst [GroupUserUser ==. user, GroupUserGroupId ==. groupId] []
if isNothing result then permissionDenied "you are not logged in or you dont have access to this group" if isNothing result then permissionDenied "you are not logged in or you dont have access to this group"

6
src/Handler/Group.hs
View file

@ -16,7 +16,6 @@ getGroupR :: Handler Html
getGroupR = do getGroupR = do
userId <- getUserId userId <- getUserId
groups <- getGroups userId groups <- getGroups userId
mToken <- fmap reqToken getRequest
defaultLayout $ do defaultLayout $ do
setTitle "Groups" setTitle "Groups"
[whamlet| [whamlet|
@ -27,8 +26,6 @@ getGroupR = do
<a href=@{TodolistR $ entityKey group}>#{(groupGroup . entityVal) group} <a href=@{TodolistR $ entityKey group}>#{(groupGroup . entityVal) group}
<form action=@{AddGroupR} method="post"> <form action=@{AddGroupR} method="post">
<input type="text" name="group" placeholder="new group"> <input type="text" name="group" placeholder="new group">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">add <button type="submit">add
<a href=@{EditGroupR}>Edit <a href=@{EditGroupR}>Edit
|] |]
@ -48,7 +45,6 @@ getEditGroupR :: Handler Html
getEditGroupR = do getEditGroupR = do
userId <- getUserId userId <- getUserId
groups <- getGroups userId groups <- getGroups userId
mToken <- fmap reqToken getRequest
defaultLayout $ do defaultLayout $ do
let a e = pack $ show $ fromSqlKey $ entityKey e ::Text let a e = pack $ show $ fromSqlKey $ entityKey e ::Text
setTitle "Groups" setTitle "Groups"
@ -59,8 +55,6 @@ getEditGroupR = do
<li> <li>
<input type="checkbox" name="ids" value="#{a group}"> <input type="checkbox" name="ids" value="#{a group}">
<a href="">#{(groupGroup . entityVal) group} <a href="">#{(groupGroup . entityVal) group}
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type=submit>Delete selected <button type=submit>Delete selected
<a href=@{GroupR}>Back <a href=@{GroupR}>Back
|] |]

8
src/Handler/Todolist.hs
View file

@ -23,7 +23,6 @@ postAddTodolistR groupId = do
getTodolistR :: GroupId -> Handler Html getTodolistR :: GroupId -> Handler Html
getTodolistR groupId = do getTodolistR groupId = do
lists <- dbIfAuth groupId (selectList [TodolistGroupId ==. groupId] []) lists <- dbIfAuth groupId (selectList [TodolistGroupId ==. groupId] [])
mToken <- fmap reqToken getRequest
defaultLayout $ do defaultLayout $ do
let getTitle = todolistTitle . entityVal let getTitle = todolistTitle . entityVal
setTitle "todolist" setTitle "todolist"
@ -35,13 +34,9 @@ getTodolistR groupId = do
<a href=@{TodolistItemsR groupId (entityKey list)}>#{getTitle list} <a href=@{TodolistItemsR groupId (entityKey list)}>#{getTitle list}
<form action=@{AddTodolistR groupId} method="post"> <form action=@{AddTodolistR groupId} method="post">
<input type="text" name="list" placeholder="new list"> <input type="text" name="list" placeholder="new list">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">add <button type="submit">add
<form action=@{AddUserR groupId} method="post"> <form action=@{AddUserR groupId} method="post">
<input type="text" name="user" placeholder="new user"> <input type="text" name="user" placeholder="new user">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">share <button type="submit">share
<a href=@{EditTodolistR groupId}>Edit <a href=@{EditTodolistR groupId}>Edit
|] |]
@ -50,7 +45,6 @@ getEditTodolistR :: GroupId -> Handler Html
getEditTodolistR groupId = do getEditTodolistR groupId = do
lists <- runDB $ lists <- runDB $
selectList [TodolistGroupId ==. groupId] [Asc TodolistTitle] selectList [TodolistGroupId ==. groupId] [Asc TodolistTitle]
mToken <- fmap reqToken getRequest
defaultLayout $ do defaultLayout $ do
let keyToText e = pack $ show $ fromSqlKey $ entityKey e ::Text let keyToText e = pack $ show $ fromSqlKey $ entityKey e ::Text
setTitle "Groups" setTitle "Groups"
@ -61,8 +55,6 @@ getEditTodolistR groupId = do
<li> <li>
<input type="checkbox" name="ids" value="#{keyToText list}"> <input type="checkbox" name="ids" value="#{keyToText list}">
<a href="">#{(todolistTitle . entityVal) list} <a href="">#{(todolistTitle . entityVal) list}
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type=submit>Delete selected <button type=submit>Delete selected
<a href=@{TodolistR groupId}>Back <a href=@{TodolistR groupId}>Back
|] |]

12
src/Handler/TodolistItem.hs
View file

@ -19,7 +19,6 @@ getTodolistItemsR groupId todolistId = do
(Just "value") -> dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] [Desc TodolistItemValue, Asc TodolistItemId]) (Just "value") -> dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] [Desc TodolistItemValue, Asc TodolistItemId])
_ -> dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] [Asc TodolistItemId]) _ -> dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] [Asc TodolistItemId])
mToken <- fmap reqToken getRequest
defaultLayout $ do defaultLayout $ do
setTitle "items" setTitle "items"
[whamlet| [whamlet|
@ -30,22 +29,14 @@ getTodolistItemsR groupId todolistId = do
$forall item <- items $forall item <- items
<li> <li>
<form action=@{CheckTodolistItemR groupId todolistId (entityKey item)} method="POST"> <form action=@{CheckTodolistItemR groupId todolistId (entityKey item)} method="POST">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">#{getText item} <button type="submit">#{getText item}
<form action=@{AddTodolistItemR groupId todolistId} method="post"> <form action=@{AddTodolistItemR groupId todolistId} method="post">
<form action=@{AddTodolistItemR groupId todolistId} method="post"> <form action=@{AddTodolistItemR groupId todolistId} method="post">
<input type="text" name="item" placeholder="new item"> <input type="text" name="item" placeholder="new item">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">add <button type="submit">add
<form action=@{TrimTodolistItemsR groupId todolistId} method="post"> <form action=@{TrimTodolistItemsR groupId todolistId} method="post">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">trim <button type="submit">trim
<form action=@{SortTodolistItemsR groupId todolistId} method="post"> <form action=@{SortTodolistItemsR groupId todolistId} method="post">
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<button type="submit">sort <button type="submit">sort
<a href=@{EditTodolistItemsR groupId todolistId}>Edit <a href=@{EditTodolistItemsR groupId todolistId}>Edit
|] |]
@ -66,7 +57,6 @@ postAddTodolistItemR groupId todolistId = do
getEditTodolistItemsR :: GroupId -> TodolistId -> Handler Html getEditTodolistItemsR :: GroupId -> TodolistId -> Handler Html
getEditTodolistItemsR groupId todolistId = do getEditTodolistItemsR groupId todolistId = do
items <- dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] []) items <- dbIfAuth groupId (selectList [TodolistItemTodolistId ==. todolistId] [])
mToken <- fmap reqToken getRequest
let text = unlines $ map getText items let text = unlines $ map getText items
defaultLayout $ do defaultLayout $ do
setTitle "edit" setTitle "edit"
@ -75,8 +65,6 @@ getEditTodolistItemsR groupId todolistId = do
<label for="edit text area">Edit todolist <label for="edit text area">Edit todolist
<br> <br>
<textarea id="edit text area" name=text rows=30 cols=50 placeholder="[x] wake up1&#10;[x] eat&#10;[ ] sleep&#10;[ ] repeat">#{text} <textarea id="edit text area" name=text rows=30 cols=50 placeholder="[x] wake up1&#10;[x] eat&#10;[ ] sleep&#10;[ ] repeat">#{text}
$maybe token <- mToken
<input type="hidden" name="_token" value="#{token}">
<br> <br>
<button type="submit">edit <button type="submit">edit
|] |]