mirror of
https://git.rwth-aachen.de/acs/public/villas/web-backend-go/
synced 2025-03-30 00:00:12 +01:00
2ffda7cad8
- improve returning of error codes by using common functions - use a separate file for authentication endpoint to improve clarity of code
51 lines
1.3 KiB
Go
51 lines
1.3 KiB
Go
package dashboard
|
|
|
|
import (
|
|
"fmt"
|
|
"git.rwth-aachen.de/acs/public/villas/villasweb-backend-go/routes/scenario"
|
|
"strconv"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"git.rwth-aachen.de/acs/public/villas/villasweb-backend-go/common"
|
|
)
|
|
|
|
func CheckPermissions(c *gin.Context, operation common.CRUD, dabIDSource string, dabIDBody int) (bool, Dashboard) {
|
|
|
|
var dab Dashboard
|
|
|
|
err := common.ValidateRole(c, common.ModelDashboard, operation)
|
|
if err != nil {
|
|
common.UnprocessableEntityError(c, fmt.Sprintf("Access denied (role validation failed): %v", err.Error()))
|
|
return false, dab
|
|
}
|
|
|
|
var dabID int
|
|
if dabIDSource == "path" {
|
|
dabID, err = strconv.Atoi(c.Param("dashboardID"))
|
|
if err != nil {
|
|
common.BadRequestError(c, fmt.Sprintf("No or incorrect format of dashboardID path parameter"))
|
|
return false, dab
|
|
}
|
|
} else if dabIDSource == "query" {
|
|
dabID, err = strconv.Atoi(c.Request.URL.Query().Get("dashboardID"))
|
|
if err != nil {
|
|
common.BadRequestError(c, fmt.Sprintf("No or incorrect format of dashboardID query parameter"))
|
|
return false, dab
|
|
}
|
|
} else if dabIDSource == "body" {
|
|
dabID = dabIDBody
|
|
}
|
|
|
|
err = dab.ByID(uint(dabID))
|
|
if common.DBError(c, err) {
|
|
return false, dab
|
|
}
|
|
|
|
ok, _ := scenario.CheckPermissions(c, operation, "body", int(dab.ScenarioID))
|
|
if !ok {
|
|
return false, dab
|
|
}
|
|
|
|
return true, dab
|
|
}
|