SimpleCloudNotifier/server/logic/permissions.go

54 lines
1.7 KiB
Go

package logic
import (
"blackforestbytes.com/simplecloudnotifier/api/apierr"
"blackforestbytes.com/simplecloudnotifier/common/ginresp"
"gogs.mikescher.com/BlackForestBytes/goext/langext"
)
type PermKeyType string
const (
PermKeyTypeNone PermKeyType = "NONE" // (nothing)
PermKeyTypeUserSend PermKeyType = "USER_SEND" // send-messages
PermKeyTypeUserRead PermKeyType = "USER_READ" // send-messages, list-messages, read-user
PermKeyTypeUserAdmin PermKeyType = "USER_ADMIN" // send-messages, list-messages, read-user, delete-messages, update-user
PermKeyTypeChannelSub PermKeyType = "CHAN_SUBSCRIBE" // subscribe-channel
PermKeyTypeChannelSend PermKeyType = "CHAN_SEND" // send-messages
)
type PermissionSet struct {
ReferenceID *int64
KeyType PermKeyType
}
func NewEmptyPermissions() PermissionSet {
return PermissionSet{
ReferenceID: nil,
KeyType: PermKeyTypeNone,
}
}
var respoNotAuthorized = ginresp.InternAPIError(401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil)
func (ac *AppContext) CheckPermissionUserRead(userid int64) *ginresp.HTTPResponse {
p := ac.permissions
if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserRead {
return nil
}
if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserAdmin {
return nil
}
return langext.Ptr(respoNotAuthorized)
}
func (ac *AppContext) CheckPermissionUserAdmin(userid int64) *ginresp.HTTPResponse {
p := ac.permissions
if p.ReferenceID != nil && *p.ReferenceID == userid && p.KeyType == PermKeyTypeUserAdmin {
return nil
}
return langext.Ptr(respoNotAuthorized)
}