Merge #719: Missing authorization logic in the get_site method of the…

… settings service ef72487 feat: added authorization logic to the get_site method (Mario) Pull request description: ACKs for top commit: josecelano: ACK ef72487 Tree-SHA512: 80f73f81533276c3b179ee7f568713d5ff39b5f059eea167cbd040a827a1e352ee4fa759466d694168b2d086a71fbd8a3bc745d987f5cc8567adeacb94d5f550
torrust · Aug 20, 2024 · ba52eed · ba52eed
2 parents 146cd54 + ef72487
commit ba52eed
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 6 deletions.
diff --git a/src/services/authorization.rs b/src/services/authorization.rs
@@ -40,6 +40,7 @@ pub enum ACTION {
     GetSettings,
     GetSettingsSecret,
     GetPublicSettings,
+    GetSiteName,
     AddTag,
     DeleteTag,
     GetTags,
@@ -236,6 +237,7 @@ impl Default for CasbinConfiguration {
                 admin, GetSettings
                 admin, GetSettingsSecret
                 admin, GetPublicSettings
+                admin, GetSiteName
                 admin, AddTag
                 admin, DeleteTag
                 admin, GetTags
@@ -252,6 +254,7 @@ impl Default for CasbinConfiguration {
                 registered, GetCategories
                 registered, GetImageByUrl
                 registered, GetPublicSettings
+                registered, GetSiteName
                 registered, GetTags
                 registered, AddTorrent
                 registered, GetTorrent
@@ -263,6 +266,7 @@ impl Default for CasbinConfiguration {
                 guest, GetLicensePage
                 guest, GetCategories
                 guest, GetPublicSettings
+                guest, GetSiteName
                 guest, GetTags
                 guest, GetTorrent
                 guest, GetTorrentInfo

diff --git a/src/services/settings.rs b/src/services/settings.rs
@@ -76,8 +76,12 @@ impl Service {
     /// # Errors
     ///
     /// It returns an error if the user does not have the required permissions.
-    pub async fn get_site_name(&self) -> String {
-        self.configuration.get_site_name().await
+    pub async fn get_site_name(&self, maybe_user_id: Option<UserId>) -> Result<String, ServiceError> {
+        self.authorization_service
+            .authorize(ACTION::GetSiteName, maybe_user_id)
+            .await?;
+
+        Ok(self.configuration.get_site_name().await)
     }
 }
 

diff --git a/src/web/api/server/v1/contexts/settings/handlers.rs b/src/web/api/server/v1/contexts/settings/handlers.rs
@@ -42,8 +42,12 @@ pub async fn get_public_handler(
 
 /// Get website name.
 #[allow(clippy::unused_async)]
-pub async fn get_site_name_handler(State(app_data): State<Arc<AppData>>) -> Response {
-    let site_name = app_data.settings_service.get_site_name().await;
-
-    Json(responses::OkResponseData { data: site_name }).into_response()
+pub async fn get_site_name_handler(
+    State(app_data): State<Arc<AppData>>,
+    ExtractOptionalLoggedInUser(maybe_user_id): ExtractOptionalLoggedInUser,
+) -> Response {
+    match app_data.settings_service.get_site_name(maybe_user_id).await {
+        Ok(site_name) => Json(responses::OkResponseData { data: site_name }).into_response(),
+        Err(error) => error.into_response(),
+    }
 }