This commit is contained in:
@@ -191,6 +191,7 @@ func CheckUpdateSecretAllowed(s *models.Secret, user_id int) (int, error) {
|
||||
func UpdateSecret(c *gin.Context) {
|
||||
var err error
|
||||
var input StoreInput
|
||||
var user_id int
|
||||
|
||||
if err := c.ShouldBindJSON(&input); err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "UpdateSecret error binding to input JSON : " + err.Error()})
|
||||
@@ -216,7 +217,13 @@ func UpdateSecret(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
*/
|
||||
user_id := c.GetInt("user-id")
|
||||
//user_id := c.GetInt("user-id")
|
||||
if val, ok := c.Get("user-id"); !ok {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
|
||||
return
|
||||
} else {
|
||||
user_id = val.(int)
|
||||
}
|
||||
log.Printf("user_id: %v\n", user_id)
|
||||
|
||||
// Populate fields
|
||||
|
||||
@@ -38,30 +38,41 @@ func JwtAuthMiddleware() gin.HandlerFunc {
|
||||
|
||||
func JwtAuthAdminMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
/*
|
||||
err := token.TokenValid(c)
|
||||
if err != nil {
|
||||
log.Printf("JwtAuthAdminMiddleware token is not valid : '%s'\n", err)
|
||||
c.String(http.StatusUnauthorized, "Unauthorized")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
err := token.TokenValid(c)
|
||||
if err != nil {
|
||||
log.Printf("JwtAuthAdminMiddleware token is not valid : '%s'\n", err)
|
||||
c.String(http.StatusUnauthorized, "Unauthorized")
|
||||
// Once we know the token is valid, figure out if this user is an admin
|
||||
user_id, err := token.ExtractTokenID(c)
|
||||
|
||||
if err != nil {
|
||||
log.Printf("JwtAuthAdminMiddleware could not extract user ID from context : '%s'\n", err)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
log.Printf("JwtAuthAdminMiddleware determined user id as '%v'\n", user_id)
|
||||
*/
|
||||
|
||||
user_id := c.GetInt("user-id")
|
||||
|
||||
if user_id == 0 {
|
||||
errString := "could not extract user ID from context"
|
||||
log.Printf("JwtAuthAdminMiddleware '%s'\n", errString)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
// Once we know the token is valid, figure out if this user is an admin
|
||||
user_id, err := token.ExtractTokenID(c)
|
||||
|
||||
if err != nil {
|
||||
log.Printf("JwtAuthAdminMiddleware could not extract user ID from context : '%s'\n", err)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
log.Printf("JwtAuthAdminMiddleware determined user id as '%v'\n", user_id)
|
||||
|
||||
// TODO determine user role
|
||||
|
||||
//ur, err := models.GetUserRoleByID(user_id)
|
||||
ug, err := models.UserGetGroupByID(user_id)
|
||||
ug, err := models.UserGetGroupByID(uint(user_id))
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
|
||||
Reference in New Issue
Block a user