jbell730
/
signet-backend
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
The backend for the project formerly known as signet, now known as beignet.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21 Commits
1 Branch
182 KiB
 
Tree: f138238b49
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f138238b49'
${ noResults }
signet-backend/endpoints/escalateprivileges.go

53 lines
1.1 KiB
Raw Blame History 

  1. package endpoints

  2. 

  3. import (

  4. 	"encoding/json"

  5. 	"net/http"

  6. 

  7. 	"github.com/imosed/signet/auth"

  8. 	. "github.com/imosed/signet/data"

  9. 	"github.com/rs/zerolog/log"

  10. )

  11. 

  12. type EscalatePrivilegesRequest struct {

  13. 	Username string

  14. }

  15. 

  16. func EscalatePrivileges(w http.ResponseWriter, r *http.Request) {

  17. 	var req EscalatePrivilegesRequest

  18. 	err := json.NewDecoder(r.Body).Decode(&req)

  19. 	if err != nil {

  20. 		log.Error().Err(err).Msg("Could not decode body in EscalatePrivileges call")

  21. 		return

  22. 	}

  23. 

  24. 	var resp SuccessResponse

  25. 	var user User

  26. 

  27. 	var claims *auth.Claims

  28. 	claims, err = auth.GetUserClaims(r)

  29. 

  30. 	if claims.Privileges < 2 {

  31. 		Db.Table("users").Where("username = ?", req.Username).Find(&user)

  32. 		if user.Privileges < 2 {

  33. 			resp.Success = false

  34. 

  35. 			err = json.NewEncoder(w).Encode(resp)

  36. 			if err != nil {

  37. 				log.Error().Err(err).Msg("Could not deliver failed escalate privileges response")

  38. 			}

  39. 			return

  40. 		}

  41. 

  42. 		user.Privileges = AdminPlus

  43. 		resp.Success = true

  44. 	} else {

  45. 		resp.Success = false

  46. 	}

  47. 

  48. 	err = json.NewEncoder(w).Encode(resp)

  49. 	if err != nil {

  50. 		log.Error().Err(err).Msg("Could not deliver successful escalate privileges response")

  51. 	}

  52. }