Fossil SCM

Removed an old warning comment. Removed an incorrect perms check in /json/user/save. Added a TODO.

stephan 2011-10-22 16:36 json-multitag-test

Commit 11373d5bb8f40c23433677ffa8a2df38b43a74e1

Parent adfd3db7657fe8f…

1 file changed +11 -5

M src/json_user.c

+11 -5

		--- src/json_user.c
		+++ src/json_user.c
		@@ -183,10 +183,15 @@
183	183	if(uid<=0){
184	184	return json_set_err(FSL_JSON_E_RESOURCE_NOT_FOUND,
185	185	"No login found for user [%s].", zName);
186	186	}
187	187	}
	188	+ /*
	189	+ Todo: reserve the uid=-1 to mean that the user should be created
	190	+ by this request.
	191	+ */
	192	+
188	193	/* Maintenance note: all error-returns from here on out should go
189	194	via goto error in order to clean up.
190	195	*/
191	196
192	197	if(uid != g.userUid){
		@@ -265,21 +270,22 @@
265	270	return g.json.resultCode;
266	271	}
267	272
268	273
269	274	/*
270		-** Don't use - not yet finished.
	275	+** Impl of /json/user/save.
	276	+**
	277	+** TODOs:
	278	+**
	279	+** - Return something useful in the payload (at least the id of the
	280	+** modified/created user).
271	281	*/
272	282	static cson_value * json_user_save(){
273		- if( !g.perm.Admin \|\| !g.perm.Setup ){
274		- json_set_err(FSL_JSON_E_DENIED,
275		- "Requires 'a' or 's' privileges.");
276		- }
277	283	if(! g.json.reqPayload.o ){
278	284	json_set_err(FSL_JSON_E_MISSING_ARGS,
279	285	"User data must be contained in the request payload.");
280	286	return NULL;
281	287
282	288	}
283	289	json_user_update_from_json( g.json.reqPayload.o );
284	290	return NULL;
285	291	}
286	292

	--- src/json_user.c
	+++ src/json_user.c
	@@ -183,10 +183,15 @@
183	if(uid<=0){
184	return json_set_err(FSL_JSON_E_RESOURCE_NOT_FOUND,
185	"No login found for user [%s].", zName);
186	}
187	}





188	/* Maintenance note: all error-returns from here on out should go
189	via goto error in order to clean up.
190	*/
191
192	if(uid != g.userUid){
	@@ -265,21 +270,22 @@
265	return g.json.resultCode;
266	}
267
268
269	/*
270	** Don't use - not yet finished.





271	*/
272	static cson_value * json_user_save(){
273	if( !g.perm.Admin \|\| !g.perm.Setup ){
274	json_set_err(FSL_JSON_E_DENIED,
275	"Requires 'a' or 's' privileges.");
276	}
277	if(! g.json.reqPayload.o ){
278	json_set_err(FSL_JSON_E_MISSING_ARGS,
279	"User data must be contained in the request payload.");
280	return NULL;
281
282	}
283	json_user_update_from_json( g.json.reqPayload.o );
284	return NULL;
285	}
286

	--- src/json_user.c
	+++ src/json_user.c
	@@ -183,10 +183,15 @@
183	if(uid<=0){
184	return json_set_err(FSL_JSON_E_RESOURCE_NOT_FOUND,
185	"No login found for user [%s].", zName);
186	}
187	}
188	/*
189	Todo: reserve the uid=-1 to mean that the user should be created
190	by this request.
191	*/
192
193	/* Maintenance note: all error-returns from here on out should go
194	via goto error in order to clean up.
195	*/
196
197	if(uid != g.userUid){
	@@ -265,21 +270,22 @@
270	return g.json.resultCode;
271	}
272
273
274	/*
275	** Impl of /json/user/save.
276	**
277	** TODOs:
278	**
279	** - Return something useful in the payload (at least the id of the
280	** modified/created user).
281	*/
282	static cson_value * json_user_save(){




283	if(! g.json.reqPayload.o ){
284	json_set_err(FSL_JSON_E_MISSING_ARGS,
285	"User data must be contained in the request payload.");
286	return NULL;
287
288	}
289	json_user_update_from_json( g.json.reqPayload.o );
290	return NULL;
291	}
292