User roles.v0.0.13

author: jloup <jloup@jloup.work> 2018-05-13 15:47:59 +0100
committer: jloup <jloup@jloup.work> 2018-05-13 15:47:59 +0100
commit: cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6 (patch)
tree: 0a5de670cf7f03ab8d582e28c006b643b0c6e22d /api
parent: 391835378931665f449c2e99dc070292d193409e (diff)
download: Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.gz
Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.zst
Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.zip
2 files changed, 19 insertions, 0 deletions
diff --git a/api/routes.go b/api/routes.go
index 404f821..3adbfe9 100644
--- a/api/routes.go
+++ b/api/routes.go
@@ -55,6 +55,11 @@ var Groups = []Group{
                        {"GET", []gin.HandlerFunc{UserAccount}, "/account"},
                },
        },
+        {
+                "/admin",
+                []Middleware{JwtAuth, UserConfirmed, UserIsAdmin, OtpAuth},
+                []Route{},
+        },
 }
 func Signup(c *gin.Context) {
diff --git a/api/user.go b/api/user.go
index a2737fd..bc24bbb 100644
--- a/api/user.go
+++ b/api/user.go
@@ -30,6 +30,20 @@ func UserConfirmed(c *gin.Context) *Error {
        return nil
 }
+func UserIsAdmin(c *gin.Context) *Error {
+        user, exists := c.Get("user")
+        if !exists {
+                return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
+        }
+        if user.(db.User).Role != db.RoleAdmin {
+                return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
+        }
+        return nil
+}
 func GetUser(c *gin.Context) db.User {
        user, _ := c.Get("user")
author	jloup <jloup@jloup.work>	2018-05-13 15:47:59 +0100
committer	jloup <jloup@jloup.work>	2018-05-13 15:47:59 +0100
commit	cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6 (patch)
tree	0a5de670cf7f03ab8d582e28c006b643b0c6e22d /api
parent	391835378931665f449c2e99dc070292d193409e (diff)
download	Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.gz Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.tar.zst Front-cf5bb85cede5b05b58ed2b40460d0b913e8b2cf6.zip

diff --git a/api/routes.go b/api/routes.go index 404f821..3adbfe9 100644 --- a/api/routes.go +++ b/api/routes.go
@@ -55,6 +55,11 @@ var Groups = []Group{
55	{"GET", []gin.HandlerFunc{UserAccount}, "/account"},	55	{"GET", []gin.HandlerFunc{UserAccount}, "/account"},
56	},	56	},
57	},	57	},
		58	{
		59	"/admin",
		60	[]Middleware{JwtAuth, UserConfirmed, UserIsAdmin, OtpAuth},
		61	[]Route{},
		62	},
58	}	63	}
59		64
60	func Signup(c *gin.Context) {	65	func Signup(c *gin.Context) {


diff --git a/api/user.go b/api/user.go index a2737fd..bc24bbb 100644 --- a/api/user.go +++ b/api/user.go
@@ -30,6 +30,20 @@ func UserConfirmed(c gin.Context) Error {
30	return nil	30	return nil
31	}	31	}
32		32
		33	func UserIsAdmin(c gin.Context) Error {
		34	user, exists := c.Get("user")
		35
		36	if !exists {
		37	return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
		38	}
		39
		40	if user.(db.User).Role != db.RoleAdmin {
		41	return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
		42	}
		43
		44	return nil
		45	}
		46
33	func GetUser(c *gin.Context) db.User {	47	func GetUser(c *gin.Context) db.User {
34	user, _ := c.Get("user")	48	user, _ := c.Get("user")
35		49