package endpoints import ( "encoding/json" "github.com/imosed/signet/auth" . "github.com/imosed/signet/data" "net/http" ) type EscalatePrivilegesRequest struct { Username string } func EscalatePrivileges(w http.ResponseWriter, r *http.Request) { var req EscalatePrivilegesRequest err := json.NewDecoder(r.Body).Decode(&req) if err != nil { panic("Could not decode body") } var resp SuccessResponse var user User var claims *auth.Claims claims, err = auth.GetUserClaims(r) if claims.Privileges == SuperUser { Db.Table("users").Where("username = ?", req.Username).Find(&user) if user.Privileges == SuperUser || user.Privileges == AdminPlus { resp.Success = false err = json.NewEncoder(w).Encode(resp) if err != nil { panic("Could not deliver failed escalate privileges response") } return } user.Privileges = AdminPlus resp.Success = true } else { resp.Success = false } err = json.NewEncoder(w).Encode(resp) if err != nil { panic("Could not deliver successful escalate privileges response") } }