wisplite/raster
1
0
Fork 0
mirror of https://github.com/wisplite/raster.git synced 2026-05-01 06:32:44 -05:00
Code Issues Packages Projects Releases Wiki Activity

update get album endpoint to be more reusable

Browse Source
This commit is contained in:
wisplite
2025-11-22 20:59:32 -06:00
parent fe849f558c
commit 062e0d6066
2 changed files with 41 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/internal/routes/album.go
+14 -2
View File
@@ -9,8 +9,20 @@ import (
func RegisterAlbumRoutes(rg *gin.RouterGroup) { func RegisterAlbumRoutes(rg *gin.RouterGroup) {
album := rg.Group("/albums") album := rg.Group("/albums")
album.GET("/getPublic", func(c *gin.Context) { album.GET("/getAlbumsInParent", func(c *gin.Context) {
albums, err := services.GetPublicAlbums() accessToken := c.GetHeader("Authorization")
if accessToken == "" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
var request struct {
ParentID string `json:"parentId"`
}
if err := c.ShouldBindJSON(&request); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
albums, err := services.GetAlbumsInParent(request.ParentID, accessToken)
if err != nil { if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return return
backend/internal/services/album.go
+27 -3
View File
@@ -9,13 +9,37 @@ import (
"gorm.io/gorm" "gorm.io/gorm"
) )
func GetPublicAlbums() ([]models.Album, error) { func GetAlbumsInParent(parentID string, authToken string) ([]models.Album, error) {
userID, err := ValidateAccessToken(authToken)
if err != nil {
return []models.Album{}, err
}
accessLevel, err := CheckUserAlbumAccess(userID, parentID)
if err != nil {
return []models.Album{}, err
}
if accessLevel < 1 {
return []models.Album{}, fmt.Errorf("user does not have permission to view albums in this parent")
}
albums := []models.Album{} albums := []models.Album{}
result := db.GetDB().Where("private = ?", false).Find(&albums) result := db.GetDB().Where("private = ?", false).Where("parent_id = ?", parentID).Find(&albums)
if result.Error != nil { if result.Error != nil {
return []models.Album{}, result.Error return []models.Album{}, result.Error
} }
return albums, nil filteredAlbums := []models.Album{}
for _, album := range albums {
if album.Private {
accessLevel, err := CheckUserAlbumAccess(userID, album.ID)
if err != nil {
return []models.Album{}, err
}
if accessLevel < 1 {
continue
}
}
filteredAlbums = append(filteredAlbums, album)
}
return filteredAlbums, nil
} }
func GetAlbum(id string, authToken string) (models.Album, error) { func GetAlbum(id string, authToken string) (models.Album, error) {