Created
August 7, 2012 16:33
-
-
Save tohenryliu/3287076 to your computer and use it in GitHub Desktop.
how to fail inside for comprehension of actionmonad
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for{ | |
| u <- UserStore.getFull(requesterRef) | |
| // .map{usr=> if(false) notAuthorizedC("x") else usr} | |
| .map{usr=>UserRefs.ById(usr.id)} | |
| // _ <- if (u.status == Statuses.Active) success | |
| // else notAuthorizedC("Unable to retrieve the permissions for post: [%s] and requester: [%s]".format(postRef, requesterRef)) | |
| r <- postRef match { | |
| case ref:PostRefs.ById => | |
| getPermitedOperationsForPostsById(Set(ref), u) | |
| .map[ReaderCtx, Set[Operation]]{r=> r(ref)} | |
| case ref:PostRefs.ByPermalink => | |
| getPermitedOperationsForPostsByPermalink(Set(ref), u) | |
| .map[ReaderCtx, Set[Operation]]{r=> r(ref)} | |
| } | |
| } yield (r) |
i think what we should do is test the user's status in the SQL WHERE clause. this will work because you are retrieving all posts based upon the user's permissions. thus the following conditions will help
u.id = {user_id} AND u.status = 'active'::user_statuses
You several options available to you:
// Technique 1 - simple if
for{
u <- UserStore.getFull(requesterRef)
_ <- if (u.status == Statuses.Active) unitWriteResult
else notAuthorizedC("Unable to retrieve the permissions for post: [%s] and requester: [%s]".format(postRef, requesterRef))
r <- postRef match {
case ref:PostRefs.ById =>
getPermitedOperationsForPostsById(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
case ref:PostRefs.ByPermalink =>
getPermitedOperationsForPostsByPermalink(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
}
} yield (r)
// Technique 2 - "monadic if"
for{
u <- UserStore.getFull(requesterRef) ifM(_.status == Statuses.Active) onTrueMap(_.successPoint(Private)) onFalse(notAuthorizedC("Unable to retrieve the permissions for post: [%s] and requester: [%s]".format(postRef, requesterRef)))
r <- postRef match {
case ref:PostRefs.ById =>
getPermitedOperationsForPostsById(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
case ref:PostRefs.ByPermalink =>
getPermitedOperationsForPostsByPermalink(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
}
} yield (r)
// Technique 3 - "monadic 'when'"
for{
u <- UserStore.getFull(requesterRef) when(_.status != Statuses.Active) apply notAuthorizedC("Unable to retrieve the permissions for post: [%s] and requester: [%s]".format(postRef, requesterRef))
r <- postRef match {
case ref:PostRefs.ById =>
getPermitedOperationsForPostsById(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
case ref:PostRefs.ByPermalink =>
getPermitedOperationsForPostsByPermalink(Set(ref), u)
.map[ReaderCtx, Set[Operation]]{r=> r(ref)}
}
} yield (r)
@peterjanovsky is probably more correct: better to handle this in SQL first rather than bring it back to the client
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I need to test the user status in the middle of the for comprehension for the actionmonad. line 3 or 5,6
not sure how to do it.