mirror of
https://git.rwth-aachen.de/acs/public/villas/web-backend-go/
synced 2025-03-30 00:00:12 +01:00
2ffda7cad8
- improve returning of error codes by using common functions - use a separate file for authentication endpoint to improve clarity of code
45 lines
1,023 B
Go
45 lines
1,023 B
Go
package widget
|
|
|
|
import (
|
|
"fmt"
|
|
"strconv"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"git.rwth-aachen.de/acs/public/villas/villasweb-backend-go/common"
|
|
"git.rwth-aachen.de/acs/public/villas/villasweb-backend-go/routes/dashboard"
|
|
)
|
|
|
|
func CheckPermissions(c *gin.Context, operation common.CRUD, widgetIDBody int) (bool, Widget) {
|
|
|
|
var w Widget
|
|
|
|
err := common.ValidateRole(c, common.ModelWidget, operation)
|
|
if err != nil {
|
|
common.UnprocessableEntityError(c, fmt.Sprintf("Access denied (role validation failed): %v", err.Error()))
|
|
return false, w
|
|
}
|
|
|
|
var widgetID int
|
|
if widgetIDBody < 0 {
|
|
widgetID, err = strconv.Atoi(c.Param("widgetID"))
|
|
if err != nil {
|
|
common.BadRequestError(c, fmt.Sprintf("No or incorrect format of widgetID path parameter"))
|
|
return false, w
|
|
}
|
|
} else {
|
|
widgetID = widgetIDBody
|
|
}
|
|
|
|
err = w.ByID(uint(widgetID))
|
|
if common.DBError(c, err) {
|
|
return false, w
|
|
}
|
|
|
|
ok, _ := dashboard.CheckPermissions(c, operation, "body", int(w.DashboardID))
|
|
if !ok {
|
|
return false, w
|
|
}
|
|
|
|
return true, w
|
|
}
|