47 lines
1.0 KiB
Go
47 lines
1.0 KiB
Go
package middleware
|
|
|
|
import (
|
|
"nixcn-cms/data"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/google/uuid"
|
|
)
|
|
|
|
func Permission(requiredLevel uint) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
var permissionLevel uint
|
|
permissionLevelPrev, ok := c.Get("permission_level")
|
|
if !ok {
|
|
userIdOrig, ok := c.Get("user_id")
|
|
if !ok || userIdOrig.(string) == "" {
|
|
c.AbortWithStatusJSON(401, gin.H{"status": "missing user id"})
|
|
return
|
|
}
|
|
|
|
userId, err := uuid.Parse(userIdOrig.(string))
|
|
if err != nil {
|
|
c.AbortWithStatusJSON(500, gin.H{"status": "error parsing user id"})
|
|
return
|
|
}
|
|
|
|
userData, err := new(data.User).GetByUserId(userId)
|
|
if err != nil {
|
|
c.AbortWithStatusJSON(404, gin.H{"status": "user not found"})
|
|
return
|
|
}
|
|
|
|
permissionLevel = userData.PermissionLevel
|
|
c.Set("permission_level", userData.PermissionLevel)
|
|
} else {
|
|
permissionLevel = permissionLevelPrev.(uint)
|
|
}
|
|
|
|
if permissionLevel < requiredLevel {
|
|
c.AbortWithStatusJSON(403, gin.H{"status": "permission denied"})
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|