style: format misc

Author: fulleni

lib/src/middlewares/authorization_middleware.dart

@@ -108,7 +108,8 @@ Middleware authorizationMiddleware() {
           // If user is null here, it means requiresAuthentication was false,
           // but specificPermission implies authentication. This is a misconfiguration
           // or an attempt to access a protected resource publicly.
-          if (user == null || !permissionService.hasPermission(user, permission)) {
+          if (user == null ||
+              !permissionService.hasPermission(user, permission)) {
             throw const ForbiddenException(
               'You do not have permission to perform this action.',
             );

lib/src/middlewares/ownership_check_middleware.dart

@@ -53,7 +53,9 @@ Middleware ownershipCheckMiddleware() {
           permission = modelConfig.deletePermission;
         default:
           // For any other methods, no ownership check is performed.
-          _log.finer('Method "$method" does not require ownership check. Skipping.');
+          _log.finer(
+            'Method "$method" does not require ownership check. Skipping.',
+          );
           return handler(context);
       }
 

routes/api/v1/data/_middleware.dart

@@ -11,15 +11,17 @@ import 'package:flutter_news_app_api_server_full_source_code/src/registry/model_
 // Helper middleware for applying rate limiting to the data routes.
 Middleware _dataRateLimiterMiddleware() {
   return (handler) {
-    return (context) async { // Made async because ipKeyExtractor is async
+    return (context) async {
+      // Made async because ipKeyExtractor is async
       final user = context.read<User?>(); // Read nullable User
       final permissionService = context.read<PermissionService>();
 
       // Users with the bypass permission are not rate-limited.
-      if (user != null && permissionService.hasPermission(
-        user,
-        Permissions.rateLimitingBypass,
-      )) {
+      if (user != null &&
+          permissionService.hasPermission(
+            user,
+            Permissions.rateLimitingBypass,
+          )) {
         return handler(context);
       }
 
@@ -193,5 +195,7 @@ Handler middleware(Handler handler) {
       .use(authorizationMiddleware()) // Applied fourth (inner-most)
       .use(_dataRateLimiterMiddleware()) // Applied third
       .use(_conditionalAuthenticationMiddleware()) // Applied second
-      .use(_modelValidationAndProviderMiddleware()); // Applied first (outermost)
+      .use(
+        _modelValidationAndProviderMiddleware(),
+      ); // Applied first (outermost)
 }

routes/api/v1/data/index.dart

@@ -78,7 +78,8 @@ Future<Response> _handleGet(RequestContext context) async {
   // If the model is user-owned and the user is authenticated and not an admin,
   // then the operation should be scoped to the authenticated user's ID.
   // Otherwise, it's a global operation or an admin bypass.
-  final userIdForRepoCall = (modelConfig.getOwnerId != null &&
+  final userIdForRepoCall =
+      (modelConfig.getOwnerId != null &&
           authenticatedUser != null &&
           !context.read<PermissionService>().isAdmin(authenticatedUser))
       ? authenticatedUser.id
@@ -134,7 +135,8 @@ Future<Response> _handlePost(RequestContext context) async {
   // If the model is user-owned and the user is authenticated and not an admin,
   // then the operation should be scoped to the authenticated user's ID.
   // Otherwise, it's a global operation or an admin bypass.
-  final userIdForRepoCall = (modelConfig.getOwnerId != null &&
+  final userIdForRepoCall =
+      (modelConfig.getOwnerId != null &&
           authenticatedUser != null &&
           !context.read<PermissionService>().isAdmin(authenticatedUser))
       ? authenticatedUser.id