HyperNet/Passport
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Permission check

Browse Source
This commit is contained in:
LittleSheep
2025-03-23 17:25:38 +08:00
parent c4758c6217
commit b18dd5ef82
2 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/internal/web/api/index.go
View File

@@ -198,6 +198,9 @@ func MapControllers(app *fiber.App, baseURL string) {
}
}
api.Post("/permissions/check", checkPermission)
api.Post("/permissions/check/:userId", checkUserPermission)
api.All("/*", func(c *fiber.Ctx) error {
return fiber.ErrNotFound
})

53
pkg/internal/web/api/perms_api.go Normal file
View File

@@ -0,0 +1,53 @@
package api
import (
"git.solsynth.dev/hypernet/passport/pkg/authkit/models"
"git.solsynth.dev/hypernet/passport/pkg/internal/services"
"git.solsynth.dev/hypernet/passport/pkg/internal/web/exts"
"github.com/gofiber/fiber/v2"
jsoniter "github.com/json-iterator/go"
)
func checkPermission(c *fiber.Ctx) error {
var data struct {
PermNode string `json:"perm_node" validate:"required"`
Value any `json:"value" validate:"required"`
}
if err := exts.BindAndValidate(c, &data); err != nil {
return err
}
if err := exts.EnsureAuthenticated(c); err != nil {
return err
}
user := c.Locals("user").(models.Account)
var heldPerms map[string]any
rawHeldPerms, _ := jsoniter.Marshal(user.PermNodes)
_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)
valid := services.HasPermNode(heldPerms, data.PermNode, data.Value)
if !valid {
return c.SendStatus(fiber.StatusForbidden)
}
return c.SendStatus(fiber.StatusOK)
}
func checkUserPermission(c *fiber.Ctx) error {
var data struct {
PermNode string `json:"perm_node" validate:"required"`
Value any `json:"value" validate:"required"`
}
if err := exts.EnsureAuthenticated(c); err != nil {
return err
}
user := c.Locals("user").(models.Account)
relatedId, _ := c.ParamsInt("userId")
relation, err := services.GetRelationWithTwoNode(user.ID, uint(relatedId))
if err != nil {
return err
}
defaultPerm := relation.Status == models.RelationshipFriend
valid := services.HasPermNodeWithDefault(relation.PermNodes, data.PermNode, data.Value, defaultPerm)
if !valid {
return c.SendStatus(fiber.StatusForbidden)
}
return c.SendStatus(fiber.StatusOK)
}