ClaytonWWilson/Listify
1
0
Fork 0
mirror of https://github.com/ClaytonWWilson/Listify.git synced 2026-04-25 22:05:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Stricter access checking

Browse Source 
Properly restrict access to list actions to only authorized users.
This commit is contained in:
NMerz
2020-11-14 14:29:48 -05:00
parent 82272a9a29
commit 954b52dc0a
11 changed files with 132 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Listify/app/src/main/java/com/example/listify/ListPage.java
View File

@@ -114,7 +114,7 @@ public class ListPage extends AppCompatActivity implements Requestor.Receiver {
public void onClick(DialogInterface dialog, int which) {
EditText sharedEmailText = (EditText) codeView.findViewById(R.id.editTextTextSharedEmail);
String sharedEmail = sharedEmailText.getText().toString();
ListShare listShare = new ListShare(listID, sharedEmail, "Read, Edit, Delete");
ListShare listShare = new ListShare(listID, sharedEmail, "Read, Edit, Delete, Share");
try {
requestor.postObject(listShare);
}

2
Listify/app/src/main/java/com/example/listify/adapter/ShoppingListsSwipeableAdapter.java
View File

@@ -129,7 +129,7 @@ public class ShoppingListsSwipeableAdapter extends BaseAdapter {
public void onClick(DialogInterface dialog, int which) {
EditText sharedEmailText = (EditText) codeView.findViewById(R.id.editTextTextSharedEmail);
String sharedEmail = sharedEmailText.getText().toString();
ListShare listShare = new ListShare(curList.getItemID(), sharedEmail, "Read, Edit, Delete");
ListShare listShare = new ListShare(curList.getItemID(), sharedEmail, "Read, Edit, Delete, Share");
try {
requestor.postObject(listShare);
}

16
Listify/app/src/main/java/com/example/listify/data/ListShare.java
View File

@@ -3,7 +3,6 @@ package com.example.listify.data;
import com.example.listify.BuildConfig;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Map;
@@ -15,10 +14,12 @@ public class ListShare {
private static final Map<Integer, String> keysToPerms;
static {
//All keys should be a prime number > 1
//All keys need to be maintained here and in List module->ListPermissions class on the Lambda side
HashMap<Integer, String> keysToPermsTemp = new HashMap<>();
keysToPermsTemp.put(2, "Read");
keysToPermsTemp.put(3, "Edit");
keysToPermsTemp.put(5, "Delete");
keysToPermsTemp.put(2, "read");
keysToPermsTemp.put(3, "write");
keysToPermsTemp.put(5, "delete");
keysToPermsTemp.put(7, "share");
keysToPerms = Collections.unmodifiableMap(keysToPermsTemp);
}
@@ -28,7 +29,8 @@ public class ListShare {
this.permissionLevel = permissionLevel;
}
public ListShare(Integer listID, String shareWithEmail, String permissions) {
public ListShare(Integer listID, String shareWithEmail, String permissionsRaw) {
String permissions = permissionsRaw.toLowerCase();
this.listID = listID;
this.shareWithEmail = shareWithEmail;
permissionLevel = 1;
@@ -48,8 +50,8 @@ public class ListShare {
" [Permissions: ");
int permissionLevelCopy = permissionLevel;
for (Object permissionObject : keysToPerms.keySet().stream().sorted(Comparator.reverseOrder()).toArray()) {
Integer permissionInteger = (Integer) permissionObject;
for (Integer permissionObject : keysToPerms.keySet()) {
Integer permissionInteger = permissionObject;
if (permissionLevelCopy % permissionInteger == 0) {
permissionLevelCopy /= permissionInteger;
toReturn.append(keysToPerms.get(permissionInteger)).append(",");