The backend for the project formerly known as signet, now known as beignet.

escalateprivileges.go 1.2 KiB

  1. package endpoints
  2. import (
  3. "encoding/json"
  4. "net/http"
  5. "github.com/imosed/signet/auth"
  6. . "github.com/imosed/signet/data"
  7. "github.com/rs/zerolog/log"
  8. )
// EscalatePrivilegesRequest is the JSON body decoded by ChangePrivileges.
//
// Both fields arrive from the client, so neither may be trusted until the
// handler has authorised the caller.
type EscalatePrivilegesRequest struct {
	// UserID selects the row in the users table whose privileges are changed.
	UserID uint `json:"userID"`
	// Privileges is the level requested for that user.
	Privileges uint `json:"privileges"`
}
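// ChangePrivileges handles a request to set another user's privilege level.
//
// The JSON body is decoded into EscalatePrivilegesRequest and the caller's
// claims are read with auth.GetUserClaims. Only callers whose Privileges value
// is below 2 may proceed, and a request for the SuperUser level is always
// refused. The outcome is reported as a JSON-encoded SuccessResponse; a body
// that cannot be decoded yields 400 and unreadable claims yield 401.
//
// NOTE(review): the target's current level is never compared with the
// caller's, and any requested value other than SuperUser is stored as-is. A
// caller that passes the "< 2" check can therefore also rewrite the level of a
// SuperUser account. Confirm that this is the intended policy.
func ChangePrivileges(w http.ResponseWriter, r *http.Request) {
	const (
		refusedMsg = "Could not deliver failed escalate privileges response"
		grantedMsg = "Could not deliver successful escalate privileges response"
	)

	// deliver encodes the outcome and logs encodeFailMsg if the write fails.
	deliver := func(ok bool, encodeFailMsg string) {
		var resp SuccessResponse
		resp.Success = ok
		if err := json.NewEncoder(w).Encode(resp); err != nil {
			log.Error().Err(err).Msg(encodeFailMsg)
		}
	}

	// The body is attacker-controlled; cap it so decoding cannot be used to
	// exhaust memory. The request carries two small integers.
	r.Body = http.MaxBytesReader(w, r.Body, 1<<20)

	var req EscalatePrivilegesRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		log.Error().Err(err).Msg("Could not decode body in ChangePrivileges call")
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}

	// Fail closed: a failed claims lookup must stop the request instead of
	// reaching a nil dereference on claims.Privileges.
	claims, err := auth.GetUserClaims(r)
	if err != nil || claims == nil {
		log.Error().Err(err).Msg("Could not read user claims in ChangePrivileges call")
		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}

	// Authorise before touching the database.
	// NOTE(review): 2 is a magic threshold; lower values appear to mean more
	// privilege. Replace it with a named constant from the data package if
	// one exists.
	if claims.Privileges >= 2 || req.Privileges == SuperUser {
		deliver(false, refusedMsg)
		return
	}

	// Db looks like a GORM handle (Table/Where/Find/Save); TODO confirm.
	// A missing target must be rejected: saving a zero-valued User would
	// otherwise write a row that no request actually named.
	var user User
	lookup := Db.Table("users").Where("id = ?", req.UserID).Find(&user)
	if lookup.Error != nil || lookup.RowsAffected == 0 {
		log.Error().Err(lookup.Error).Uint("userID", req.UserID).
			Msg("Could not load target user in ChangePrivileges call")
		deliver(false, refusedMsg)
		return
	}

	user.Privileges = req.Privileges
	// Pass a pointer so the ORM can write back into the struct, and report
	// success only once the write has been confirmed.
	if err := Db.Save(&user).Error; err != nil {
		log.Error().Err(err).Uint("userID", req.UserID).
			Msg("Could not save privileges in ChangePrivileges call")
		deliver(false, refusedMsg)
		return
	}

	// Privilege changes are security-relevant; leave an audit record.
	log.Info().Uint("userID", req.UserID).Uint("privileges", req.Privileges).
		Msg("Privileges changed")
	deliver(true, grantedMsg)
}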