Mercurial > gemma
view pkg/middleware/dbconn.go @ 3746:433bad131e5c
Added check trigger to sounding results to ensure they intersect the bn-area.
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Mon, 24 Jun 2019 16:13:05 +0200 |
parents | ef59a4255670 |
children | 6f9d00c8cc38 |
line wrap: on
line source
// This is Free Software under GNU Affero General Public License v >= 3.0 // without warranty, see README.md and license for details. // // SPDX-License-Identifier: AGPL-3.0-or-later // License-Filename: LICENSES/AGPL-3.0.txt // // Copyright (C) 2019 by via donau // – Österreichische Wasserstraßen-Gesellschaft mbH // Software engineering by Intevation GmbH // // Author(s): // * Sascha L. Teichmann <sascha.teichmann@intevation.de> package middleware import ( "context" "database/sql" "fmt" "log" "net/http" "gemma.intevation.de/gemma/pkg/auth" ) type wrapDBKeyType int const wrapDBKey wrapDBKeyType = 0 func GetDBConn(req *http.Request) *sql.Conn { if conn, ok := req.Context().Value(wrapDBKey).(*sql.Conn); ok { return conn } return nil } func DBConn(next http.Handler) http.Handler { return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { token, ok := auth.GetToken(req) if !ok { http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } session := auth.Sessions.Session(token) if session == nil { http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } parent := req.Context() if err := auth.RunAs(parent, session.User, func(conn *sql.Conn) error { ctx := context.WithValue(parent, wrapDBKey, conn) req = req.WithContext(ctx) next.ServeHTTP(rw, req) return nil }); err != nil { log.Printf("error: %v\n", err) http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError) } }) }