package endpoints import ( "encoding/json" "net/http" "github.com/imosed/signet/auth" . "github.com/imosed/signet/data" "github.com/rs/zerolog/log" ) type EscalatePrivilegesRequest struct { Username string } func EscalatePrivileges(w http.ResponseWriter, r *http.Request) { var req EscalatePrivilegesRequest err := json.NewDecoder(r.Body).Decode(&req) if err != nil { log.Error().Err(err).Msg("Could not decode body in EscalatePrivileges call") return } var resp SuccessResponse var user User var claims *auth.Claims claims, err = auth.GetUserClaims(r) if claims.Privileges < 2 { Db.Table("users").Where("username = ?", req.Username).Find(&user) if user.Privileges < 2 { resp.Success = false err = json.NewEncoder(w).Encode(resp) if err != nil { log.Error().Err(err).Msg("Could not deliver failed escalate privileges response") } return } user.Privileges = AdminPlus resp.Success = true } else { resp.Success = false } err = json.NewEncoder(w).Encode(resp) if err != nil { log.Error().Err(err).Msg("Could not deliver successful escalate privileges response") } }