feat(webui): add user accounts list, admin middleware and admin restricted menu entries

2025-02-26 00:07:35 +01:00 · 2025-02-26 00:07:35 +01:00 · e23a146490
commit e23a146490
parent fb98b4fffe
9 changed files with 143 additions and 2 deletions
--- a/pkg/webui/admin.go
+++ b/pkg/webui/admin.go
@ -0,0 +1,28 @@
+package webui
+
+import (
+	"fmt"
+	"net/http"
+
+	"git.adyxax.org/adyxax/tfstated/pkg/database"
+	"git.adyxax.org/adyxax/tfstated/pkg/model"
+)
+
+func adminMiddleware(db *database.DB, requireLogin func(http.Handler) http.Handler) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return requireLogin(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			account := r.Context().Value(model.AccountContextKey{})
+			if account == nil {
+				// this could happen if the account was deleted in the short
+				// time between retrieving the session and here
+				http.Redirect(w, r, "/login", http.StatusFound)
+				return
+			}
+			if !account.(*model.Account).IsAdmin {
+				errorResponse(w, http.StatusForbidden, fmt.Errorf("Only administrators can perform this request."))
+				return
+			}
+			next.ServeHTTP(w, r)
+		}))
+	}
+}