-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathbase_ctl.go
75 lines (62 loc) · 1.61 KB
/
base_ctl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
package controller
import (
"context"
"net/http"
"github.com/google/uuid"
"github.com/GitDataAI/jiaozifs/api"
"github.com/GitDataAI/jiaozifs/auth"
"github.com/GitDataAI/jiaozifs/auth/rbac"
"go.uber.org/fx"
)
type BaseController struct {
fx.In
PermissionCheck rbac.PermissionCheck
}
func (c *BaseController) authorize(ctx context.Context, w *api.JiaozifsResponse, perms rbac.Node) bool {
operator, err := auth.GetOperator(ctx)
if err != nil {
w.Unauthorized()
return false
}
resp, err := c.PermissionCheck.Authorize(ctx, &rbac.AuthorizationRequest{
OperatorID: operator.ID,
RequiredPermissions: perms,
})
if err != nil {
w.String(err.Error(), http.StatusInternalServerError)
return false
}
if resp.Error != nil {
w.Code(http.StatusUnauthorized)
return false
}
if !resp.Allowed {
w.String("User does not have the required permissions", http.StatusInternalServerError)
return false
}
return true
}
func (c *BaseController) authorizeMember(ctx context.Context, w *api.JiaozifsResponse, repoID uuid.UUID, perms rbac.Node) bool {
operator, err := auth.GetOperator(ctx)
if err != nil {
w.Unauthorized()
return false
}
resp, err := c.PermissionCheck.AuthorizeMember(ctx, repoID, &rbac.AuthorizationRequest{
OperatorID: operator.ID,
RequiredPermissions: perms,
})
if err != nil {
w.String(err.Error(), http.StatusInternalServerError)
return false
}
if resp.Error != nil {
w.Code(http.StatusUnauthorized)
return false
}
if !resp.Allowed {
w.String("User does not have the required permissions", http.StatusInternalServerError)
return false
}
return true
}