package endpoints import ( "encoding/json" "net/http" "github.com/imosed/signet/auth" . "github.com/imosed/signet/data" "github.com/rs/zerolog/log" ) type EscalatePrivilegesRequest struct { UserID uint `json:"userID"` Privileges uint `json:"privileges"` } func ChangePrivileges(w http.ResponseWriter, r *http.Request) { var req EscalatePrivilegesRequest err := json.NewDecoder(r.Body).Decode(&req) if err != nil { log.Error().Err(err).Msg("Could not decode body in ChangePrivileges call") return } var resp SuccessResponse var user User var claims *auth.Claims claims, err = auth.GetUserClaims(r) if claims == nil { w.WriteHeader(401) return } if claims.Privileges > AdminPlus { w.WriteHeader(403) return } Db.Table("users").Where("id = ?", req.UserID).Find(&user) if req.Privileges == SuperUser { resp.Success = false err = json.NewEncoder(w).Encode(resp) if err != nil { log.Error().Err(err).Msg("Could not deliver failed escalate privileges response") } return } user.Privileges = req.Privileges Db.Save(user) resp.Success = true err = json.NewEncoder(w).Encode(resp) if err != nil { log.Error().Err(err).Msg("Could not deliver successful escalate privileges response") } }