Mercurial > gemma
changeset 326:a7b2db8b3d18
Added type for roles.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Thu, 02 Aug 2018 18:39:01 +0200 |
parents | c23eb0f34e39 |
children | 363983d5c567 |
files | auth/middleware.go auth/session.go controllers/user.go |
diffstat | 3 files changed, 42 insertions(+), 29 deletions(-) [+] |
line wrap: on
line diff
--- a/auth/middleware.go Thu Aug 02 18:07:35 2018 +0200 +++ b/auth/middleware.go Thu Aug 02 18:39:01 2018 +0200 @@ -64,10 +64,8 @@ func HasRole(roles ...string) func(*Session) bool { return func(session *Session) bool { for _, r1 := range roles { - for _, r2 := range session.Roles { - if r1 == r2 { - return true - } + if session.Roles.Has(r1) { + return true } } return false
--- a/auth/session.go Thu Aug 02 18:07:35 2018 +0200 +++ b/auth/session.go Thu Aug 02 18:39:01 2018 +0200 @@ -7,11 +7,22 @@ "time" ) +type Roles []string + type Session struct { - ExpiresAt int64 `json:"expires"` - User string `json:"user"` - Password string `json:"password"` - Roles []string `json:"roles"` + ExpiresAt int64 `json:"expires"` + User string `json:"user"` + Password string `json:"password"` + Roles Roles `json:"roles"` +} + +func (r Roles) Has(role string) bool { + for _, x := range r { + if x == role { + return true + } + } + return false } const (
--- a/controllers/user.go Thu Aug 02 18:07:35 2018 +0200 +++ b/controllers/user.go Thu Aug 02 18:39:01 2018 +0200 @@ -87,28 +87,32 @@ newUser := input.(*User) var res sql.Result - if newUser.Extent == nil { - res, err = db.Exec( - updateUserSQL, - user, - newUser.Role, - newUser.User, - newUser.Password, - newUser.Country, - newUser.Email, - ) + if s, _ := auth.GetSession(req); s.Roles.Has("sys_admin") { + if newUser.Extent == nil { + res, err = db.Exec( + updateUserSQL, + user, + newUser.Role, + newUser.User, + newUser.Password, + newUser.Country, + newUser.Email, + ) + } else { + res, err = db.Exec( + updateUserExtentSQL, + user, + newUser.Role, + newUser.User, + newUser.Password, + newUser.Country, + newUser.Extent.X1, newUser.Extent.Y1, + newUser.Extent.X2, newUser.Extent.Y2, + newUser.Email, + ) + } } else { - res, err = db.Exec( - updateUserExtentSQL, - user, - newUser.Role, - newUser.User, - newUser.Password, - newUser.Country, - newUser.Extent.X1, newUser.Extent.Y1, - newUser.Extent.X2, newUser.Extent.Y2, - newUser.Email, - ) + // ... } if err != nil {