/
user_memberships.go
executable file
·35 lines (28 loc) · 1.26 KB
/
user_memberships.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
package users
import (
"net/http"
httperror "github.com/baasapi/libhttp/error"
"github.com/baasapi/libhttp/request"
"github.com/baasapi/libhttp/response"
"github.com/baasapi/baasapi/api"
"github.com/baasapi/baasapi/api/http/security"
)
// GET request on /api/users/:id/memberships
func (handler *Handler) userMemberships(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
userID, err := request.RetrieveNumericRouteVariableValue(r, "id")
if err != nil {
return &httperror.HandlerError{http.StatusBadRequest, "Invalid user identifier route variable", err}
}
tokenData, err := security.RetrieveTokenData(r)
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve user authentication token", err}
}
if tokenData.Role != baasapi.AdministratorRole && tokenData.ID != baasapi.UserID(userID) {
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to update user memberships", baasapi.ErrUnauthorized}
}
memberships, err := handler.TeamMembershipService.TeamMembershipsByUserID(baasapi.UserID(userID))
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist membership changes inside the database", err}
}
return response.JSON(w, memberships)
}