Mercurial > gemma

view pkg/middleware/dbconn.go @ 3719:916534d9d6f6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
client: waterlevel diagram: handle gauges without reference waterlevels
author Markus Kottlaender <markus@intevation.de>
date Thu, 20 Jun 2019 17:03:38 +0200
parents ef59a4255670
children 6f9d00c8cc38
line wrap: on
line source

// This is Free Software under GNU Affero General Public License v >= 3.0
// without warranty, see README.md and license for details.
//
// SPDX-License-Identifier: AGPL-3.0-or-later
// License-Filename: LICENSES/AGPL-3.0.txt
//
// Copyright (C) 2019 by via donau
//   – Österreichische Wasserstraßen-Gesellschaft mbH
// Software engineering by Intevation GmbH
//
// Author(s):
//  * Sascha L. Teichmann <sascha.teichmann@intevation.de>

package middleware

import (
	"context"
	"database/sql"
	"fmt"
	"log"
	"net/http"

	"gemma.intevation.de/gemma/pkg/auth"
)

type wrapDBKeyType int

const wrapDBKey wrapDBKeyType = 0

func GetDBConn(req *http.Request) *sql.Conn {
	if conn, ok := req.Context().Value(wrapDBKey).(*sql.Conn); ok {
		return conn
	}
	return nil
}

func DBConn(next http.Handler) http.Handler {

	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
		token, ok := auth.GetToken(req)
		if !ok {
			http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
			return
		}
		session := auth.Sessions.Session(token)
		if session == nil {
			http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
			return
		}
		parent := req.Context()
		if err := auth.RunAs(parent, session.User, func(conn *sql.Conn) error {
			ctx := context.WithValue(parent, wrapDBKey, conn)
			req = req.WithContext(ctx)
			next.ServeHTTP(rw, req)
			return nil
		}); err != nil {
			log.Printf("error: %v\n", err)
			http.Error(rw, fmt.Sprintf("error: %v", err), http.StatusInternalServerError)
		}
	})
}