packages feed

avers-server 0.0.19.0 → 0.1.0

raw patch · 4 files changed

+14/−10 lines, 4 filesdep −eitherPVP ok

version bump matches the API change (PVP)

Dependencies removed: either

API changes (from Hackage documentation)

Files

avers-server.cabal view
@@ -1,5 +1,5 @@ name:                avers-server-version:             0.0.19.0+version:             0.1.0 synopsis:            Server implementation of the Avers API description:         Server implementation of the Avers API homepage:            http://github.com/wereHamster/avers-server@@ -39,7 +39,6 @@    , containers    , cookie    , cryptonite-   , either    , http-types    , memory    , mtl
src/Avers/Server.hs view
@@ -68,7 +68,8 @@ credentialsObjId :: Handle -> Credentials -> Handler ObjId credentialsObjId aversH cred = do     errOrObjId <- case cred of-        SessionIdCredential sId -> liftIO $ evalAvers aversH $+        CredAnonymous -> throwError err401+        CredSessionId sId -> liftIO $ evalAvers aversH $             sessionObjId <$> lookupSession sId      case errOrObjId of@@ -296,7 +297,8 @@     serveChangeSecret cred ChangeSecretBody{..} = do         reqAvers aversH $ do             Session{..} <- case cred of-                SessionIdCredential sId -> lookupSession sId+                CredAnonymous -> throwError NotAuthorized+                CredSessionId sId -> lookupSession sId              updateSecret (SecretId $ unObjId sessionObjId) csbNewSecret 
src/Avers/Server/Authorization.hs view
@@ -47,19 +47,22 @@     , lookupObjectAuthz = \cred objId ->         [ sufficient $ do             session <- case cred of-                SessionIdCredential sId -> lookupSession sId+                CredAnonymous -> throwError NotAuthorized+                CredSessionId sId -> lookupSession sId             sessionCreatedObject session objId         ]     , patchObjectAuthz = \cred objId _ ->         [ sufficient $ do             session <- case cred of-                SessionIdCredential sId -> lookupSession sId+                CredAnonymous -> throwError NotAuthorized+                CredSessionId sId -> lookupSession sId             sessionCreatedObject session objId         ]     , deleteObjectAuthz = \cred objId ->         [ sufficient $ do             session <- case cred of-                SessionIdCredential sId -> lookupSession sId+                CredAnonymous -> throwError NotAuthorized+                CredSessionId sId -> lookupSession sId             sessionCreatedObject session objId         ]     , uploadBlobAuthz = \_ _ -> [pure AllowR]
src/Avers/Server/Instances.hs view
@@ -43,10 +43,10 @@                 mbSessionIdText = lookup "session" =<< fmap parseCookiesText mbCookieHeaders              case mbSessionIdText of-                Nothing -> delayedFailFatal err401+                Nothing -> pure CredAnonymous                 Just sessionIdText -> case parseQueryParam sessionIdText of-                    Left _ -> delayedFailFatal err401-                    Right sId -> pure $ SessionIdCredential $ SessionId sId+                    Left _ -> delayedFailFatal err400+                    Right sId -> pure $ CredSessionId $ SessionId sId