Add permission middleware

Signed-off-by: Asai Neko <sugar@sne.moe>
2026-01-06 10:36:51 +08:00
parent b4d0959de4
commit ddffb0da23
7 changed files with 54 additions and 46 deletions
--- a/middleware/permission.go
+++ b/middleware/permission.go
@@ -0,0 +1,36 @@
+package middleware
+
+import (
+	"nixcn-cms/data"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+func Permission(requiredLevel uint) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		userIdOrig, ok := c.Get("user_id")
+		if !ok || userIdOrig.(string) == "" {
+			c.AbortWithStatusJSON(401, gin.H{"status": "missing user id"})
+			return
+		}
+
+		userId, err := uuid.Parse(userIdOrig.(string))
+		if err != nil {
+			c.AbortWithStatusJSON(500, gin.H{"status": "error parsing user id"})
+			return
+		}
+
+		userData, err := new(data.User).GetByUserId(userId)
+		if err != nil {
+			c.AbortWithStatusJSON(404, gin.H{"status": "user not found"})
+			return
+		}
+
+		if userData.PermissionLevel < requiredLevel {
+			c.AbortWithStatusJSON(403, gin.H{"status": "permission denied"})
+			return
+		}
+		c.Next()
+	}
+}