aboutsummaryrefslogtreecommitdiff
path: root/src/server/Secure.hs
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/Secure.hs')
-rw-r--r--src/server/Secure.hs23
1 files changed, 19 insertions, 4 deletions
diff --git a/src/server/Secure.hs b/src/server/Secure.hs
index 94ee8a9..1fef713 100644
--- a/src/server/Secure.hs
+++ b/src/server/Secure.hs
@@ -8,16 +8,31 @@ import Web.Scotty
import Network.HTTP.Types.Status (forbidden403)
-import Data.Text (Text)
+import Database.Persist (Entity)
+
+import Model.Database (User, runDb)
+import Model.User (getUser)
+
+import Control.Monad.IO.Class (liftIO)
+
+import qualified Data.Text as T
+import qualified Data.Text.IO as TIO
import qualified LoginSession
-loggedAction :: (Text -> ActionM ()) -> ActionM ()
+loggedAction :: (Entity User -> ActionM ()) -> ActionM ()
loggedAction action = do
maybeLogin <- LoginSession.get
case maybeLogin of
- Just login ->
- action login
+ Just login -> do
+ maybeUser <- liftIO . runDb $ getUser login
+ case maybeUser of
+ Just user ->
+ action user
+ Nothing -> do
+ status forbidden403
+ liftIO . TIO.putStrLn . T.concat $ ["Could not find the user which login is ", login]
+ html "Could not find a user from your login"
Nothing -> do
status forbidden403
html "You need to be logged in to perform this action"
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 11:36:10 +0000