Fix attendance_list and stats allow lv40+ view info
Some checks failed
Server Check Build (NixCN CMS) TeamCity build failed
Some checks failed
Server Check Build (NixCN CMS) TeamCity build failed
Signed-off-by: Asai Neko <sugar@sne.moe>
This commit is contained in:
@@ -94,17 +94,34 @@ func (self *EventServiceImpl) AttendanceList(payload *AttendanceListPayload) (re
|
||||
}
|
||||
|
||||
if eventData.Owner != payload.UserId {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusUser),
|
||||
exception.WithType(exception.TypeSpecific),
|
||||
exception.WithOriginal(exception.EventAttendanceListError),
|
||||
exception.WithError(errors.New("only the event owner may view the attendance list")),
|
||||
).Throw(ctx)
|
||||
callerData, err := new(data.User).GetByUserId(ctx, &payload.UserId)
|
||||
if err != nil {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusServer),
|
||||
exception.WithType(exception.TypeCommon),
|
||||
exception.WithOriginal(exception.CommonErrorDatabase),
|
||||
exception.WithError(err),
|
||||
).Throw(ctx)
|
||||
|
||||
result = &AttendanceListResult{
|
||||
Common: shared.CommonResult{HttpCode: 403, Exception: exc},
|
||||
result = &AttendanceListResult{
|
||||
Common: shared.CommonResult{HttpCode: 500, Exception: exc},
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if callerData == nil || callerData.PermissionLevel < 40 {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusUser),
|
||||
exception.WithType(exception.TypeSpecific),
|
||||
exception.WithOriginal(exception.EventAttendanceListError),
|
||||
exception.WithError(errors.New("only the event owner may view the attendance list")),
|
||||
).Throw(ctx)
|
||||
|
||||
result = &AttendanceListResult{
|
||||
Common: shared.CommonResult{HttpCode: 403, Exception: exc},
|
||||
}
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
limit := 20
|
||||
|
||||
@@ -88,17 +88,34 @@ func (self *EventServiceImpl) Stats(payload *EventStatsPayload) (result *EventSt
|
||||
}
|
||||
|
||||
if eventData.Owner != payload.UserId {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusUser),
|
||||
exception.WithType(exception.TypeSpecific),
|
||||
exception.WithOriginal(exception.EventStatsNotOwner),
|
||||
exception.WithError(errors.New("only the event owner may view event stats")),
|
||||
).Throw(ctx)
|
||||
callerData, err := new(data.User).GetByUserId(ctx, &payload.UserId)
|
||||
if err != nil {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusServer),
|
||||
exception.WithType(exception.TypeCommon),
|
||||
exception.WithOriginal(exception.CommonErrorDatabase),
|
||||
exception.WithError(err),
|
||||
).Throw(ctx)
|
||||
|
||||
result = &EventStatsResult{
|
||||
Common: shared.CommonResult{HttpCode: 403, Exception: exc},
|
||||
result = &EventStatsResult{
|
||||
Common: shared.CommonResult{HttpCode: 500, Exception: exc},
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if callerData == nil || callerData.PermissionLevel < 40 {
|
||||
exc := exception.New(
|
||||
exception.WithStatus(exception.StatusUser),
|
||||
exception.WithType(exception.TypeSpecific),
|
||||
exception.WithOriginal(exception.EventStatsNotOwner),
|
||||
exception.WithError(errors.New("only the event owner may view event stats")),
|
||||
).Throw(ctx)
|
||||
|
||||
result = &EventStatsResult{
|
||||
Common: shared.CommonResult{HttpCode: 403, Exception: exc},
|
||||
}
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
attRepo := new(data.Attendance)
|
||||
|
||||
Reference in New Issue
Block a user