37 lines
802 B
Go
37 lines
802 B
Go
package servers
|
|
|
|
import (
|
|
"git.acooldomain.co/server-manager/backend/auth"
|
|
"git.acooldomain.co/server-manager/backend/models"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func (con ServersApi) ServerAuthorized(permissions models.Permission) func(*gin.Context) {
|
|
return func(ctx *gin.Context) {
|
|
claimsPointer, exists := ctx.Get("claims")
|
|
if !exists {
|
|
ctx.AbortWithStatus(403)
|
|
return
|
|
}
|
|
|
|
claims := claimsPointer.(*auth.AuthClaims)
|
|
|
|
serverId := ctx.Param("server_id")
|
|
if serverId == "" {
|
|
return
|
|
}
|
|
|
|
userPermissions, err := con.ServerAuthorization.GetPermissions(ctx, claims.Username, serverId)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
if userPermissions&permissions == permissions || userPermissions&models.Admin == models.Admin {
|
|
ctx.Set(auth.AuthorizedParam, true)
|
|
return
|
|
}
|
|
|
|
return
|
|
}
|
|
}
|