Mercurial > gemma
view pkg/middleware/json.go @ 4723:baabc2b2f094
Avoid creating user profiles without matching role
The INSTEAD OF triggers on users.list_users did that already, but
profile data coming e.g. via restoring a dump had been added also
if there was no matching database role in the cluster.
This also unifies the errors occuring on creation of users with existing
role names that differed between roles with and without profile before.
Note this is no referential integrity. A dropped role still leaves an
orphaned profile behind.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 17 Oct 2019 18:56:59 +0200 |
parents | 4394daeea96a |
children | 6270951dda28 |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2019 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package middleware import ( "context" "encoding/json" "io" "net/http" ) type jsonInputKeyType int const jsonInputKey jsonInputKeyType = 0 // DefaultLimit limits the incoming JSON payload to 2K to // prevent flooding the server. const DefaultLimit = 2048 // GetJSONInput returns the deserialized JSON data from // the incoming request if any. func GetJSONInput(req *http.Request) interface{} { return req.Context().Value(jsonInputKey) } // JSONMiddleware is a middleware to deserialize the incomming // request body to a object to be created by a given input function // and stores the result into the context. // GetJSONInput can be used to receive the deserialized data. // limit limits the size of the incoming body to prevent // flooding the server. func JSONMiddleware(next http.Handler, input func(*http.Request) interface{}, limit int64) http.Handler { return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { dst := input(req) defer req.Body.Close() var r io.Reader switch { case limit == 0: r = io.LimitReader(req.Body, DefaultLimit) case limit > 0: r = io.LimitReader(req.Body, limit) default: r = req.Body } if err := json.NewDecoder(r).Decode(dst); err != nil { http.Error(rw, "error: "+err.Error(), http.StatusBadRequest) return } parent := req.Context() ctx := context.WithValue(parent, jsonInputKey, input) req = req.WithContext(ctx) next.ServeHTTP(rw, req) }) }