Noa Virellia
a60a796345
Update multiple services and middlewares to pass the original error to exception.Builder before building the error code. Co-authored-by: Gemini <gemini@google.com>
79 lines
2.2 KiB
Go
79 lines
2.2 KiB
Go
package middleware
|
|
|
|
import (
|
|
"nixcn-cms/data"
|
|
"nixcn-cms/internal/exception"
|
|
"nixcn-cms/utils"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/google/uuid"
|
|
)
|
|
|
|
func Permission(requiredLevel uint) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
var permissionLevel uint
|
|
permissionLevelPrev, ok := c.Get("permission_level")
|
|
if !ok {
|
|
userIdOrig, ok := c.Get("user_id")
|
|
if !ok || userIdOrig.(string) == "" {
|
|
errorCode := new(exception.Builder).
|
|
SetStatus(exception.StatusUser).
|
|
SetService(exception.MiddlewareServicePermission).
|
|
SetEndpoint(exception.EndpointMiddlewareService).
|
|
SetType(exception.TypeCommon).
|
|
SetOriginal(exception.CommonErrorMissingUserId).
|
|
Build()
|
|
utils.HttpAbort(c, 401, errorCode)
|
|
return
|
|
}
|
|
|
|
userId, err := uuid.Parse(userIdOrig.(string))
|
|
if err != nil {
|
|
errorCode := new(exception.Builder).
|
|
SetStatus(exception.StatusServer).
|
|
SetService(exception.MiddlewareServicePermission).
|
|
SetEndpoint(exception.EndpointMiddlewareService).
|
|
SetType(exception.TypeCommon).
|
|
SetOriginal(exception.CommonErrorUuidParseFailed).
|
|
SetError(err).
|
|
Build()
|
|
utils.HttpAbort(c, 500, errorCode)
|
|
return
|
|
}
|
|
|
|
userData, err := new(data.User).GetByUserId(userId)
|
|
if err != nil {
|
|
errorCode := new(exception.Builder).
|
|
SetStatus(exception.StatusUser).
|
|
SetService(exception.MiddlewareServicePermission).
|
|
SetEndpoint(exception.EndpointMiddlewareService).
|
|
SetType(exception.TypeCommon).
|
|
SetOriginal(exception.CommonErrorUserNotFound).
|
|
SetError(err).
|
|
Build()
|
|
utils.HttpAbort(c, 404, errorCode)
|
|
return
|
|
}
|
|
|
|
permissionLevel = userData.PermissionLevel
|
|
c.Set("permission_level", userData.PermissionLevel)
|
|
} else {
|
|
permissionLevel = permissionLevelPrev.(uint)
|
|
}
|
|
|
|
if permissionLevel < requiredLevel {
|
|
errorCode := new(exception.Builder).
|
|
SetStatus(exception.StatusUser).
|
|
SetService(exception.MiddlewareServicePermission).
|
|
SetEndpoint(exception.EndpointMiddlewareService).
|
|
SetType(exception.TypeCommon).
|
|
SetOriginal(exception.CommonErrorPermissionDenied).
|
|
Build()
|
|
utils.HttpAbort(c, 403, errorCode)
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|