mirror of
https://github.com/memohai/Memoh.git
synced 2026-04-25 07:00:48 +09:00
Acbox
bcda6f6fe6
- Replace all "Load More" / "Show More" buttons with Pagination components in model-list, bot-compaction, and bot-heartbeat views - Convert backend log APIs (compaction, heartbeat, schedule) from cursor-based (before+limit) to offset+limit pagination with total_count - Update SQL queries to use OFFSET+LIMIT and add COUNT queries - Add shared parseOffsetLimit helper in handler_helpers.go - Regenerate sqlc, Swagger docs, and TypeScript SDK - Clean up unused i18n keys (loadMore, showMore, history.loadMore)
67 lines
2.2 KiB
Go
67 lines
2.2 KiB
Go
package handlers
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"net/http"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/labstack/echo/v4"
|
|
|
|
"github.com/memohai/memoh/internal/accounts"
|
|
"github.com/memohai/memoh/internal/auth"
|
|
"github.com/memohai/memoh/internal/bots"
|
|
"github.com/memohai/memoh/internal/identity"
|
|
)
|
|
|
|
// RequireChannelIdentityID extracts and validates the channel identity ID from the request context.
|
|
func RequireChannelIdentityID(c echo.Context) (string, error) {
|
|
channelIdentityID, err := auth.UserIDFromContext(c)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
if err := identity.ValidateChannelIdentityID(channelIdentityID); err != nil {
|
|
return "", echo.NewHTTPError(http.StatusBadRequest, err.Error())
|
|
}
|
|
return channelIdentityID, nil
|
|
}
|
|
|
|
// AuthorizeBotAccess validates that the given identity has owner/admin access to the specified bot.
|
|
func AuthorizeBotAccess(ctx context.Context, botService *bots.Service, accountService *accounts.Service, channelIdentityID, botID string) (bots.Bot, error) {
|
|
if botService == nil || accountService == nil {
|
|
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, "bot services not configured")
|
|
}
|
|
isAdmin, err := accountService.IsAdmin(ctx, channelIdentityID)
|
|
if err != nil {
|
|
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
|
|
}
|
|
bot, err := botService.AuthorizeAccess(ctx, channelIdentityID, botID, isAdmin)
|
|
if err != nil {
|
|
if errors.Is(err, bots.ErrBotNotFound) {
|
|
return bots.Bot{}, echo.NewHTTPError(http.StatusNotFound, "bot not found")
|
|
}
|
|
if errors.Is(err, bots.ErrBotAccessDenied) {
|
|
return bots.Bot{}, echo.NewHTTPError(http.StatusForbidden, "bot access denied")
|
|
}
|
|
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
|
|
}
|
|
return bot, nil
|
|
}
|
|
|
|
// parseOffsetLimit extracts limit and offset query parameters with defaults.
|
|
func parseOffsetLimit(c echo.Context) (limit, offset int) {
|
|
limit = 50
|
|
if raw := strings.TrimSpace(c.QueryParam("limit")); raw != "" {
|
|
if v, err := strconv.Atoi(raw); err == nil && v > 0 {
|
|
limit = v
|
|
}
|
|
}
|
|
if raw := strings.TrimSpace(c.QueryParam("offset")); raw != "" {
|
|
if v, err := strconv.Atoi(raw); err == nil && v >= 0 {
|
|
offset = v
|
|
}
|
|
}
|
|
return limit, offset
|
|
}
|