User roles.v0.0.13

author: jloup <jloup@jloup.work> 2018-05-13 15:47:59 +0100
committer: jloup <jloup@jloup.work> 2018-05-13 15:47:59 +0100
commit: cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6 (patch)
tree: 0a5de670cf7f03ab8d582e28c006b643b0c6e22d /api/user.go
parent: 391835378931665f449c2e99dc070292d193409e (diff)
download: Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.gz
Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.zst
Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.zip
1 files changed, 14 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go
index a2737fd..bc24bbb 100644
--- a/api/user.go
+++ b/api/user.go
@@ -30,6 +30,20 @@ func UserConfirmed(c *gin.Context) *Error {
        return nil
 }
+func UserIsAdmin(c *gin.Context) *Error {
+        user, exists := c.Get("user")
+        if !exists {
+                return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
+        }
+        if user.(db.User).Role != db.RoleAdmin {
+                return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
+        }
+        return nil
+}
 func GetUser(c *gin.Context) db.User {
        user, _ := c.Get("user")
author	jloup <jloup@jloup.work>	2018-05-13 15:47:59 +0100
committer	jloup <jloup@jloup.work>	2018-05-13 15:47:59 +0100
commit	cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6 (patch)
tree	0a5de670cf7f03ab8d582e28c006b643b0c6e22d /api/user.go
parent	391835378931665f449c2e99dc070292d193409e (diff)
download	Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.gz Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.zst Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.zip

diff --git a/api/user.go b/api/user.go index a2737fd..bc24bbb 100644 --- a/api/user.go +++ b/api/user.go
@@ -30,6 +30,20 @@ func UserConfirmed(c gin.Context) Error {
30	return nil	30	return nil
31	}	31	}
32		32
		33	func UserIsAdmin(c gin.Context) Error {
		34	user, exists := c.Get("user")
		35
		36	if !exists {
		37	return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
		38	}
		39
		40	if user.(db.User).Role != db.RoleAdmin {
		41	return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
		42	}
		43
		44	return nil
		45	}
		46
33	func GetUser(c *gin.Context) db.User {	47	func GetUser(c *gin.Context) db.User {
34	user, _ := c.Get("user")	48	user, _ := c.Get("user")
35		49