2023-04-03 10:11:56 +10:00
parent 1acf4c48d7
commit 75468ee8f3
4 changed files with 79 additions and 6 deletions


@@ -83,7 +83,17 @@ func UpdateSecret(c *gin.Context) {
fmt.Printf("UpdateSecret received JSON input '%v'\n", input)
// TODO - verify that the user role is not readonly
// Get the user and role id of the requestor
u, err := models.GetUserRoleFromToken(c)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Verify that the user role is not readonly
if u.ReadOnly {
c.JSON(http.StatusForbidden, gin.H{"error": "user role does not permit updates"})
return
}
// Populate fields
s := models.Secret{}
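Review bot: The token and read-only checks run only after the `fmt.Printf("UpdateSecret received JSON input ...")` line at the top of the hunk, so a request that ends in the 400 or 403 branch has already had `input` written to stdout, and on this endpoint that presumably includes the secret value. Move the `models.GetUserRoleFromToken(c)` and `u.ReadOnly` checks ahead of that line, and drop the print or log only non-sensitive fields. A failed token lookup is an authentication failure, so it should not return `http.StatusBadRequest` with the raw `err.Error()`; prefer `c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid or missing token"})` and keep the detailed error in the server log. The only authorization shown is the read-only flag, so confirm that the rest of `UpdateSecret`, which starts before and continues after this hunk, also checks that the caller's role may modify this particular secret.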