The backend for the project formerly known as signet, now known as beignet.
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

escalateprivileges.go 1.1 KiB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
  1. package endpoints
  2. import (
  3. "encoding/json"
  4. "net/http"
  5. "github.com/imosed/signet/auth"
  6. . "github.com/imosed/signet/data"
  7. "github.com/rs/zerolog/log"
  8. )
  9. type EscalatePrivilegesRequest struct {
  10. Username string
  11. }
  12. func EscalatePrivileges(w http.ResponseWriter, r *http.Request) {
  13. var req EscalatePrivilegesRequest
  14. err := json.NewDecoder(r.Body).Decode(&req)
  15. if err != nil {
  16. log.Error().Err(err).Msg("Could not decode body in EscalatePrivileges call")
  17. return
  18. }
  19. var resp SuccessResponse
  20. var user User
  21. var claims *auth.Claims
  22. claims, err = auth.GetUserClaims(r)
  23. if claims.Privileges < 2 {
  24. Db.Table("users").Where("username = ?", req.Username).Find(&user)
  25. if user.Privileges < 2 {
  26. resp.Success = false
  27. err = json.NewEncoder(w).Encode(resp)
  28. if err != nil {
  29. log.Error().Err(err).Msg("Could not deliver failed escalate privileges response")
  30. }
  31. return
  32. }
  33. user.Privileges = AdminPlus
  34. resp.Success = true
  35. } else {
  36. resp.Success = false
  37. }
  38. err = json.NewEncoder(w).Encode(resp)
  39. if err != nil {
  40. log.Error().Err(err).Msg("Could not deliver successful escalate privileges response")
  41. }
  42. }