diff --git a/internal/app/server.go b/internal/app/server.go index 191a2d3..5d71401 100644 --- a/internal/app/server.go +++ b/internal/app/server.go @@ -81,7 +81,7 @@ func (s *server) Refresh(ctx context.Context, req *proto.RefreshReq) (*proto.Ref func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.GetUsersRsp, error) { claims := ctx.Value("claims").(*processor_jwt.JWTClaims) - if !claims.HasRole(roles.Admin) { + if !roles.HasRole(claims, roles.Admin) { return nil, status.Errorf(codes.PermissionDenied, "permission denied") } users, err := s.usersService.GetUsers(ctx) @@ -129,7 +129,7 @@ func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRs func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*proto.AddUserRoleRsp, error) { claims := ctx.Value("claims").(*processor_jwt.JWTClaims) - if !claims.HasRole(roles.Admin) { + if !roles.HasRole(claims, roles.Admin) { return nil, status.Errorf(codes.PermissionDenied, "permission denied") } if err := s.usersService.AddUserRole(ctx, int(req.Id), req.Role); err != nil { @@ -142,7 +142,7 @@ func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*p func (s *server) DeleteUserRole(ctx context.Context, req *proto.DeleteUserRoleReq) (*proto.DeleteUserRoleRsp, error) { claims := ctx.Value("claims").(*processor_jwt.JWTClaims) - if !claims.HasRole(roles.Admin) { + if !roles.HasRole(claims, roles.Admin) { return nil, status.Errorf(codes.PermissionDenied, "permission denied") } if err := s.usersService.DeleteUserRole(ctx, int(req.Id), req.Role); err != nil { diff --git a/internal/modules/roles/roles.go b/internal/modules/roles/roles.go index 7597da5..bc4ee3e 100644 --- a/internal/modules/roles/roles.go +++ b/internal/modules/roles/roles.go @@ -13,3 +13,15 @@ var AllRoles = []string{ Organizer, User, } + +type IHasRole interface { + HasRole(role string) bool +} + +func HasRole(claims IHasRole, role string) bool { + if claims.HasRole(Admin) { + return true + } + + return claims.HasRole(role) +}