ClaytonWWilson/Listify
1
0
Fork 0
mirror of https://github.com/ClaytonWWilson/Listify.git synced 2026-03-10 18:55:03 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into aaron-branch-2

Browse Source
This commit is contained in:
Aaron Sun
2020-11-15 17:36:31 -08:00
committed by GitHub
parent 519feec6f4 254f771e6e
commit 6e3402a8e5
34 changed files with 580 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Lambdas/Lists/ListShare/src/ListSharePOST.java → Lambdas/Lists/ListShare/src/ListSharePUT.java
View File

@@ -3,7 +3,7 @@ import com.amazonaws.services.lambda.runtime.RequestHandler;
import java.util.Map;
public class ListSharePOST implements RequestHandler<Map<String,Object>, Object> {
public class ListSharePUT implements RequestHandler<Map<String,Object>, Object> {
public Object handleRequest(Map<String, Object> inputMap, Context unfilled) {
return BasicHandler.handleRequest(inputMap, unfilled, ListSharer.class);

24
Lambdas/Lists/ListShare/src/ListSharer.java
View File

@@ -22,7 +22,8 @@ public class ListSharer implements CallHandler {
}
final private String CHECK_ACCESS = "SELECT * from ListSharee WHERE listID = ? AND userID = ?;";
final private String SHARE_LIST = "INSERT INTO ListSharee(listID, userID) VALUES(?, ?);";
final private String SHARE_LIST = "INSERT INTO ListSharee(listID, userID, permissionLevel, uiPosition) VALUES(?, ?, ?, ?) ON DUPLICATE KEY UPDATE permissionLevel = ?;";
public Object conductAction(Map<String, Object> bodyMap, HashMap<String, String> queryString, String cognitoID) throws SQLException {
PreparedStatement checkAccess = connection.prepareStatement(CHECK_ACCESS);
@@ -30,8 +31,12 @@ public class ListSharer implements CallHandler {
checkAccess.setInt(1, listID);
checkAccess.setString(2, cognitoID);
ResultSet checkAccessRS = checkAccess.executeQuery();
if (!checkAccessRS.next()) {
throw new AccessControlException("The requesting user does not have access to the requested list");
if (checkAccessRS.next()) {
if (!ListPermissions.hasPermission(checkAccessRS.getInt("permissionLevel"), "Share")) {
throw new AccessControlException("User " + cognitoID + " does not have share permissions for list " + listID);
}
} else {
throw new AccessControlException("User " + cognitoID + " does not have any permissions to access list " + listID);
}
InvokeRequest invokeRequest = new InvokeRequest();
invokeRequest.setFunctionName("UserGET");
@@ -52,15 +57,18 @@ public class ListSharer implements CallHandler {
throw new InputMismatchException("Could not find specified user to share with");
}
String shareWithSub = new String(invokeResult.getPayload().array()).replace("\"", "");
checkAccess.setString(2, shareWithSub);
checkAccessRS = checkAccess.executeQuery();
if (checkAccessRS.next()) {
throw new InputMismatchException("The specified user already has access");
}
// checkAccess.setString(2, shareWithSub);
// checkAccessRS = checkAccess.executeQuery();
// if (checkAccessRS.next()) {
// throw new InputMismatchException("The specified user already has access");
// }
PreparedStatement shareList = connection.prepareStatement(SHARE_LIST);
shareList.setInt(1, listID);
shareList.setString(2, shareWithSub);
Integer permissionLevel = Integer.parseInt(bodyMap.get("permissionLevel").toString());
shareList.setInt(3, permissionLevel);
shareList.setInt(4, permissionLevel);
shareList.executeUpdate();
connection.commit();
return null;