41 lines
735 B
Go
41 lines
735 B
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
rest_api_stuff "enshi/REST_API_stuff"
|
|
db_repo "enshi/db/go_queries"
|
|
"enshi/db_connection"
|
|
"enshi/middleware/getters"
|
|
"fmt"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func AdminMiddleware() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
|
|
userId, err := getters.GetUserIdFromContext(c)
|
|
|
|
if err != nil || userId == 0 {
|
|
rest_api_stuff.BadRequestAnswer(c, err)
|
|
c.Abort()
|
|
}
|
|
|
|
user, err :=
|
|
db_repo.New(db_connection.Dbx).
|
|
GetUserById(context.Background(), userId)
|
|
|
|
if err != nil || user.UserID == 0 {
|
|
rest_api_stuff.BadRequestAnswer(c, err)
|
|
c.Abort()
|
|
}
|
|
|
|
if !user.IsAdmin {
|
|
rest_api_stuff.UnauthorizedAnswer(c, fmt.Errorf("not allowed"))
|
|
c.Abort()
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|