diff options
| author | Steve <nilslice@gmail.com> | 2017-03-11 12:27:59 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-11 12:27:59 -0800 |
| commit | a69060728b5f99bb41c9562dcd294f6fc74d4b22 (patch) | |
| tree | 640bb67e0772e0caf30602b6245d930ca77d392a | |
| parent | 2382cfa169c53f995272f82d99986528b00415e6 (diff) | |
| parent | d063005c74e1bef1f15f391bcf1b57a6398f9578 (diff) | |
Merge pull request #96 from kkeuning/ponzu-dev
ErrNoAuth from either BeforeAcceptUpdate or AcceptUpdate will return 401
| -rw-r--r-- | system/api/update.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/system/api/update.go b/system/api/update.go index da79330..3a92a84 100644 --- a/system/api/update.go +++ b/system/api/update.go @@ -21,7 +21,6 @@ var ErrNoAuth = errors.New("Auth failed for update request.") // /api/content/update?type=Review&id=1 type Updateable interface { // AcceptUpdate allows external content update submissions of a specific type - // user.IsValid(req) may be checked in AcceptUpdate to validate the request AcceptUpdate(http.ResponseWriter, *http.Request) error } @@ -139,6 +138,10 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { err = hook.BeforeAcceptUpdate(res, req) if err != nil { log.Println("[Update] error calling BeforeAcceptUpdate:", err) + if err == ErrNoAuth { + // BeforeAcceptUpdate can check user.IsValid(req) for auth + res.WriteHeader(http.StatusUnauthorized) + } return } @@ -146,6 +149,7 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { if err != nil { log.Println("[Update] error calling AcceptUpdate:", err) if err == ErrNoAuth { + // AcceptUpdate can check user.IsValid(req) for auth res.WriteHeader(http.StatusUnauthorized) } return |