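package middleware

import (
	"nixcn-cms/data"
	"nixcn-cms/internal/exception"
	"nixcn-cms/utils"

	"github.com/gin-gonic/gin"
	"github.com/google/uuid"
)

// Permission returns a gin middleware that lets a request proceed only when
// the caller's permission level is at least requiredLevel.
//
// The level is taken from the "permission_level" context key when an earlier
// handler in the same request has already stored it; otherwise it is loaded
// from the user record identified by the "user_id" context key and cached
// under "permission_level" for later handlers. Every failure path aborts the
// request, so c.Next() is reached only after a successful check:
//
//   - 401 when "user_id" is absent, empty, or not a string
//   - 500 when "user_id" is not a valid UUID
//   - 404 when the user lookup returns an error
//   - 403 when the resolved level is below requiredLevel
//
// NOTE(review): "user_id" is presumably set by an upstream authentication
// middleware; this handler trusts that value as-is, so it must be registered
// after that middleware. Confirm against the router setup.
func Permission(requiredLevel uint) gin.HandlerFunc {
	return func(c *gin.Context) {
		var permissionLevel uint

		// Use the checked form of the type assertion: a context value of an
		// unexpected type must not panic the handler. A cached value that is
		// not a uint is ignored and the level is re-read from the user record.
		cached := false
		if prev, ok := c.Get("permission_level"); ok {
			permissionLevel, cached = prev.(uint)
		}

		if !cached {
			// A missing key yields a nil interface, for which the checked
			// assertion reports ok == false, so absent, non-string and empty
			// values all take the same 401 path.
			userIDRaw, _ := c.Get("user_id")
			userIDStr, ok := userIDRaw.(string)
			if !ok || userIDStr == "" {
				errorCode := new(exception.Builder).
					SetStatus(exception.StatusUser).
					SetService(exception.MiddlewareServicePermission).
					SetEndpoint(exception.EndpointMiddlewareService).
					SetType(exception.TypeCommon).
					SetOriginal(exception.CommonErrorMissingUserId).
					Build(c)
				utils.HttpAbort(c, 401, errorCode)
				return
			}

			// A malformed identifier is reported as a server-side error
			// (StatusServer / 500) rather than as a client error.
			userID, err := uuid.Parse(userIDStr)
			if err != nil {
				errorCode := new(exception.Builder).
					SetStatus(exception.StatusServer).
					SetService(exception.MiddlewareServicePermission).
					SetEndpoint(exception.EndpointMiddlewareService).
					SetType(exception.TypeCommon).
					SetOriginal(exception.CommonErrorUuidParseFailed).
					SetError(err).
					Build(c)
				utils.HttpAbort(c, 500, errorCode)
				return
			}

			// NOTE(review): every error from GetByUserId is reported as
			// "user not found" (404); a storage failure would look the same
			// to the client. The request is still rejected either way.
			userData, err := new(data.User).GetByUserId(c, userID)
			if err != nil {
				errorCode := new(exception.Builder).
					SetStatus(exception.StatusUser).
					SetService(exception.MiddlewareServicePermission).
					SetEndpoint(exception.EndpointMiddlewareService).
					SetType(exception.TypeCommon).
					SetOriginal(exception.CommonErrorUserNotFound).
					SetError(err).
					Build(c)
				utils.HttpAbort(c, 404, errorCode)
				return
			}

			permissionLevel = userData.PermissionLevel
			// Cache for later Permission checks within this request only.
			c.Set("permission_level", userData.PermissionLevel)
		}

		if permissionLevel < requiredLevel {
			errorCode := new(exception.Builder).
				SetStatus(exception.StatusUser).
				SetService(exception.MiddlewareServicePermission).
				SetEndpoint(exception.EndpointMiddlewareService).
				SetType(exception.TypeCommon).
				SetOriginal(exception.CommonErrorPermissionDenied).
				Build(c)
			utils.HttpAbort(c, 403, errorCode)
			return
		}

		c.Next()
	}
}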