Created
November 18, 2014 22:07
-
-
Save jebberjeb/3624fb4c9fbfbc0788f6 to your computer and use it in GitHub Desktop.
Rather than 401 via ring middleware, macros
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (defn request* [method route-path privilege route-params handler] | |
| `(~method ~route-path ~route-params | |
| (fn [req#] (let [user# (get-in req# [:session :current-user])] | |
| (if (access/has-access? user# ~privilege) | |
| (~handler req#) | |
| ~response-401))))) | |
| (defmacro GET* [route-path privilege route-params handler] | |
| (request* `GET route-path privilege route-params handler)) | |
| (defmacro POST* [route-path privilege route-params handler] | |
| (request* `POST route-path privilege route-params handler)) | |
| ;; When implementing a middleware to do an access check on a route, | |
| ;; there are a few problems: | |
| ;; 1. Maintenance of separate route->perm map | |
| ;; 2. Failing, responding w/ 401, prevents other handlers from | |
| ;; firing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment