/
admin.go
57 lines (48 loc) · 1.15 KB
/
admin.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
package server
import (
"net/http"
"github.com/keys-pub/keys"
"github.com/labstack/echo/v4"
"github.com/pkg/errors"
)
func (s *Server) adminCheck(c echo.Context) error {
s.logger.Infof("Server %s %s", c.Request().Method, c.Request().URL.String())
request := c.Request()
ctx := request.Context()
auth, status, err := checkAuth(c, s.URL, s.nowFn(), s.mc)
if err != nil {
return ErrResponse(c, status, err.Error())
}
if !s.isAdmin(auth.KID) {
return ErrForbidden(c, errors.Errorf("not authorized"))
}
if c.Param("kid") == "all" {
kids, err := s.users.KIDs(ctx)
if err != nil {
return s.internalError(c, err)
}
for _, kid := range kids {
if err := s.checkKID(ctx, kid); err != nil {
return s.internalError(c, err)
}
}
} else {
kid, err := keys.ParseID(c.Param("kid"))
if err != nil {
return ErrNotFound(c, errors.Errorf("kid not found"))
}
if err := s.checkKID(ctx, kid); err != nil {
return s.internalError(c, err)
}
}
var resp struct{}
return JSON(c, http.StatusOK, resp)
}
func (s *Server) isAdmin(kid keys.ID) bool {
for _, admin := range s.admins {
if admin == kid {
return true
}
}
return false
}