/** Widget package, middleware. * * @author Sonja Happ * @copyright 2014-2019, Institute for Automation of Complex Power Systems, EONERC * @license GNU General Public License (version 3) * * VILLASweb-backend-go * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . *********************************************************************************/ package widget import ( "fmt" "git.rwth-aachen.de/acs/public/villas/web-backend-go/helper" "github.com/gin-gonic/gin" "git.rwth-aachen.de/acs/public/villas/web-backend-go/database" "git.rwth-aachen.de/acs/public/villas/web-backend-go/routes/dashboard" ) func CheckPermissions(c *gin.Context, operation database.CRUD, widgetIDBody int) (bool, Widget) { var w Widget var err error err = database.ValidateRole(c, database.ModelWidget, operation) if err != nil { helper.UnprocessableEntityError(c, fmt.Sprintf("Access denied (role validation of widget failed): %v", err.Error())) return false, w } var widgetID int if widgetIDBody < 0 { widgetID, err = helper.GetIDOfElement(c, "widgetID", "path", -1) if err != nil { return false, w } } else { widgetID = widgetIDBody } err = w.ByID(uint(widgetID)) if helper.DBError(c, err) { return false, w } ok, _ := dashboard.CheckPermissions(c, operation, "body", int(w.DashboardID)) if !ok { return false, w } return true, w }