/
admit.go
56 lines (47 loc) · 1.18 KB
/
admit.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package middleware
import (
"github.com/20326/vega/app/model"
"github.com/20326/vega/app/service"
"github.com/gin-gonic/gin"
// "github.com/sirupsen/logrus"
"net/http"
"strings"
)
var ignoredPerms = map[string]bool{
"/api/user/login": true,
}
func AdmitMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
path := strings.Split(c.Request.URL.RequestURI(), "?")[0]
method := c.Request.Method
srv := service.FromContext(c)
log := srv.GetLogger()
// TODO match /path/:id
log.Warn("\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nAdmit: %s %s\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n", method, path)
if _, ok := ignoredPerms[path]; ok {
c.Next()
return
}
session := &model.SessionData{}
user, _ := session.Get(c, srv.Users)
if nil != user && user.Username == "admin" {
c.Next()
return
}
log.Warn("\n", method, user, path)
allowed, _ := srv.Admissions.Admit(c, user, path, method)
log.Warn("\n", method, path, allowed)
if !allowed {
log.Warn("No permission for %s %s", method, path)
c.JSON(http.StatusOK, gin.H{
"code": 403,
"msg": "err.Err403",
})
c.Abort()
return
} else {
log.Info("permission check ok, %s %s", method, path)
}
c.Next()
}
}