package logic import ( "blackforestbytes.com/simplecloudnotifier/api/apierr" "blackforestbytes.com/simplecloudnotifier/common/ginresp" "gogs.mikescher.com/BlackForestBytes/goext/langext" ) type PermKeyType string const ( PermKeyTypeNone PermKeyType = "NONE" // (nothing) PermKeyTypeUserSend PermKeyType = "USER_SEND" // send-messages PermKeyTypeUserRead PermKeyType = "USER_READ" // send-messages, list-messages, read-user PermKeyTypeUserAdmin PermKeyType = "USER_ADMIN" // send-messages, list-messages, read-user, delete-messages, update-user PermKeyTypeChannelSub PermKeyType = "CHAN_SUBSCRIBE" // subscribe-channel PermKeyTypeChannelSend PermKeyType = "CHAN_SEND" // send-messages ) type PermissionSet struct { ReferenceID *int64 KeyType PermKeyType } func NewEmptyPermissions() PermissionSet { return PermissionSet{ ReferenceID: nil, KeyType: PermKeyTypeNone, } } var respoNotAuthorized = ginresp.InternAPIError(401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil) func (ac *AppContext) CheckPermissionUserRead(userid int64) *ginresp.HTTPResponse { p := ac.permissions if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserRead { return nil } if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserAdmin { return nil } return langext.Ptr(respoNotAuthorized) } func (ac *AppContext) CheckPermissionUserAdmin(userid int64) *ginresp.HTTPResponse { p := ac.permissions if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserAdmin { return nil } return langext.Ptr(respoNotAuthorized) }