package webui
import (
"fmt"
"net/http"
"git.adyxax.org/adyxax/tfstated/pkg/database"
"git.adyxax.org/adyxax/tfstated/pkg/model"
)
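// adminMiddleware returns a middleware that lets a request reach next only
// when the account found in the request context has IsAdmin set.
//
// The admin check is itself wrapped in requireLogin, which is presumably
// responsible for authenticating the session and storing a *model.Account
// under model.AccountContextKey{} (confirm against its implementation).
//
// Outcomes:
//   - no usable account in the context: redirect to /login (302);
//   - account present but not an administrator: 403 via errorResponse;
//   - administrator: next is served.
//
// db is accepted for signature parity but is not used by this function.
func adminMiddleware(db *database.DB, requireLogin func(http.Handler) http.Handler) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return requireLogin(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			// Checked assertion: a missing value, a value of another type or a
			// typed nil *model.Account must all fail closed. Comparing the bare
			// interface value with nil does not catch the last two cases and
			// would panic on the IsAdmin access below.
			account, ok := r.Context().Value(model.AccountContextKey{}).(*model.Account)
			if !ok || account == nil {
				// this could happen if the account was deleted in the short
				// time between retrieving the session and here
				http.Redirect(w, r, "/login", http.StatusFound)
				return
			}
			// Authorization decision: anything other than an explicit admin
			// flag is refused before the protected handler runs.
			if !account.IsAdmin {
				errorResponse(w, http.StatusForbidden, fmt.Errorf("Only administrators can perform this request."))
				return
			}
			next.ServeHTTP(w, r)
		}))
	}
}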