jbell730
/
signet-backend
1
0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
The backend for the project formerly known as signet, now known as beignet.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commit
1 分支
182 KiB
分支: master
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
signet-backend/endpoints/escalateprivileges.go

escalateprivileges.go 1.2 KiB
原始文件 永久連結 Normal View 文件歷史

Initial commit
2 年之前
Code cleanup
1 年之前
Initial commit
2 年之前
Add logging and control flow
1 年之前
Initial commit
2 年之前
Force change password for new users
1 年之前
Initial commit
2 年之前
Force change password for new users
1 年之前
Initial commit
2 年之前
Force change password for new users
1 年之前
Add logging and control flow
1 年之前
Initial commit
2 年之前
Better way of determining privileges
1 年之前
Return the proper http response for unprivileged requests
1 年之前
Initial commit
2 年之前
Better way of determining privileges
1 年之前
Initial commit
2 年之前
Add logging and control flow
1 年之前
Initial commit
2 年之前
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. package endpoints

  2. 

  3. import (

  4. 	"encoding/json"

  5. 	"net/http"

  6. 

  7. 	"github.com/imosed/signet/auth"

  8. 	. "github.com/imosed/signet/data"

  9. 	"github.com/rs/zerolog/log"

  10. )

  11. 

  12. type EscalatePrivilegesRequest struct {

  13. 	UserID     uint `json:"userID"`

  14. 	Privileges uint `json:"privileges"`

  15. }

  16. 

  17. func ChangePrivileges(w http.ResponseWriter, r *http.Request) {

  18. 	var req EscalatePrivilegesRequest

  19. 	err := json.NewDecoder(r.Body).Decode(&req)

  20. 	if err != nil {

  21. 		log.Error().Err(err).Msg("Could not decode body in ChangePrivileges call")

  22. 		return

  23. 	}

  24. 

  25. 	var resp SuccessResponse

  26. 	var user User

  27. 

  28. 	var claims *auth.Claims

  29. 	claims, err = auth.GetUserClaims(r)

  30. 

  31. 	if claims == nil {

  32. 		w.WriteHeader(401)

  33. 		return

  34. 	}

  35. 	if claims.Privileges > AdminPlus {

  36. 		w.WriteHeader(403)

  37. 		return

  38. 	}

  39. 

  40. 	Db.Table("users").Where("id = ?", req.UserID).Find(&user)

  41. 	if req.Privileges == SuperUser {

  42. 		resp.Success = false

  43. 

  44. 		err = json.NewEncoder(w).Encode(resp)

  45. 		if err != nil {

  46. 			log.Error().Err(err).Msg("Could not deliver failed escalate privileges response")

  47. 		}

  48. 		return

  49. 	}

  50. 

  51. 	user.Privileges = req.Privileges

  52. 	Db.Save(user)

  53. 	resp.Success = true

  54. 

  55. 	err = json.NewEncoder(w).Encode(resp)

  56. 	if err != nil {

  57. 		log.Error().Err(err).Msg("Could not deliver successful escalate privileges response")

  58. 	}

  59. }