1
0
mirror of https://github.com/muety/wakapi.git synced 2023-08-10 21:12:56 +03:00
wakapi/routes/utils/user_utils.go

46 lines
1.4 KiB
Go
Raw Normal View History

package utils
import (
"errors"
2023-03-03 22:40:50 +03:00
"github.com/go-chi/chi/v5"
conf "github.com/muety/wakapi/config"
"github.com/muety/wakapi/middlewares"
"github.com/muety/wakapi/models"
"github.com/muety/wakapi/services"
"net/http"
)
// CheckEffectiveUser extracts the requested user from a URL (like '/users/{user}'), compares it with the currently authorized user and writes an HTTP error if they differ.
// Fallback can be used to manually set a value for '{user}' if none is present.
func CheckEffectiveUser(w http.ResponseWriter, r *http.Request, userService services.IUserService, fallback string) (*models.User, error) {
respondError := func(code int, text string) (*models.User, error) {
err := errors.New(conf.ErrUnauthorized)
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(err.Error()))
return nil, err
}
2023-03-03 22:40:50 +03:00
userParam := chi.URLParam(r, "user")
if userParam == "" {
userParam = fallback
}
authorizedUser := middlewares.GetPrincipal(r)
if authorizedUser == nil {
return respondError(http.StatusUnauthorized, conf.ErrUnauthorized)
2023-03-03 22:40:50 +03:00
} else if userParam == "current" {
return authorizedUser, nil
}
2023-03-03 22:40:50 +03:00
if authorizedUser.ID != userParam && !authorizedUser.IsAdmin {
return respondError(http.StatusUnauthorized, conf.ErrUnauthorized)
}
2023-03-03 22:40:50 +03:00
requestedUser, err := userService.GetUserById(userParam)
if err != nil {
return respondError(http.StatusNotFound, "user not found")
}
return requestedUser, nil
}