generated from VLADIMIR/template
update roles
This commit is contained in:
@@ -81,7 +81,7 @@ func (s *server) Refresh(ctx context.Context, req *proto.RefreshReq) (*proto.Ref
|
|||||||
|
|
||||||
func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.GetUsersRsp, error) {
|
func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.GetUsersRsp, error) {
|
||||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||||
if !claims.HasRole(roles.Admin) {
|
if !roles.HasRole(claims, roles.Admin) {
|
||||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||||
}
|
}
|
||||||
users, err := s.usersService.GetUsers(ctx)
|
users, err := s.usersService.GetUsers(ctx)
|
||||||
@@ -129,7 +129,7 @@ func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRs
|
|||||||
|
|
||||||
func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*proto.AddUserRoleRsp, error) {
|
func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*proto.AddUserRoleRsp, error) {
|
||||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||||
if !claims.HasRole(roles.Admin) {
|
if !roles.HasRole(claims, roles.Admin) {
|
||||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||||
}
|
}
|
||||||
if err := s.usersService.AddUserRole(ctx, int(req.Id), req.Role); err != nil {
|
if err := s.usersService.AddUserRole(ctx, int(req.Id), req.Role); err != nil {
|
||||||
@@ -142,7 +142,7 @@ func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*p
|
|||||||
|
|
||||||
func (s *server) DeleteUserRole(ctx context.Context, req *proto.DeleteUserRoleReq) (*proto.DeleteUserRoleRsp, error) {
|
func (s *server) DeleteUserRole(ctx context.Context, req *proto.DeleteUserRoleReq) (*proto.DeleteUserRoleRsp, error) {
|
||||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||||
if !claims.HasRole(roles.Admin) {
|
if !roles.HasRole(claims, roles.Admin) {
|
||||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||||
}
|
}
|
||||||
if err := s.usersService.DeleteUserRole(ctx, int(req.Id), req.Role); err != nil {
|
if err := s.usersService.DeleteUserRole(ctx, int(req.Id), req.Role); err != nil {
|
||||||
|
|||||||
@@ -13,3 +13,15 @@ var AllRoles = []string{
|
|||||||
Organizer,
|
Organizer,
|
||||||
User,
|
User,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type IHasRole interface {
|
||||||
|
HasRole(role string) bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func HasRole(claims IHasRole, role string) bool {
|
||||||
|
if claims.HasRole(Admin) {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
return claims.HasRole(role)
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user