The backend for the project formerly known as signet, now known as beignet.
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.

60 rindas
1.2 KiB

  1. package endpoints
  2. import (
  3. "encoding/json"
  4. "net/http"
  5. "github.com/imosed/signet/auth"
  6. . "github.com/imosed/signet/data"
  7. "github.com/rs/zerolog/log"
  8. )
  9. type EscalatePrivilegesRequest struct {
  10. UserID uint `json:"userID"`
  11. Privileges uint `json:"privileges"`
  12. }
  13. func ChangePrivileges(w http.ResponseWriter, r *http.Request) {
  14. var req EscalatePrivilegesRequest
  15. err := json.NewDecoder(r.Body).Decode(&req)
  16. if err != nil {
  17. log.Error().Err(err).Msg("Could not decode body in ChangePrivileges call")
  18. return
  19. }
  20. var resp SuccessResponse
  21. var user User
  22. var claims *auth.Claims
  23. claims, err = auth.GetUserClaims(r)
  24. if claims == nil {
  25. w.WriteHeader(401)
  26. return
  27. }
  28. if claims.Privileges > AdminPlus {
  29. w.WriteHeader(403)
  30. return
  31. }
  32. Db.Table("users").Where("id = ?", req.UserID).Find(&user)
  33. if req.Privileges == SuperUser {
  34. resp.Success = false
  35. err = json.NewEncoder(w).Encode(resp)
  36. if err != nil {
  37. log.Error().Err(err).Msg("Could not deliver failed escalate privileges response")
  38. }
  39. return
  40. }
  41. user.Privileges = req.Privileges
  42. Db.Save(user)
  43. resp.Success = true
  44. err = json.NewEncoder(w).Encode(resp)
  45. if err != nil {
  46. log.Error().Err(err).Msg("Could not deliver successful escalate privileges response")
  47. }
  48. }