gitea-admin/lti-api
1
0
Fork 0
mirror of https://gitlab.com/mbugroup/lti-api.git synced 2026-05-20 13:31:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

add project flock middleware

Browse Source
This commit is contained in:
ragilap
2025-12-08 17:30:11 +07:00
parent 89b23b0653
commit e6094528b5
5 changed files with 106 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/permissions.go
+21 -70
View File
@@ -1,75 +1,26 @@
package middleware
import (
"strings"
//project-flock
const (
P_ProjectFlockKandangsClosing = "lti.production.project_flock_kandangs.closing"
P_ProjectFlockKandangsGetAll = "lti.production.project_flock_kandangs.list"
P_ProjectFlockKandangsGetOne = "lti.production.project_flock_kandangs.detail"
"github.com/gofiber/fiber/v2"
P_ProjectFlockGetAll = "lti.production.project_flocks.list"
P_ProjectFlockCreate = "lti.production.project_flocks.create"
P_ProjectFlockGetOne = "lti.production.project_flocks.detail"
P_ProjectFlockUpdate = "lti.production.project_flocks.update"
P_ProjectFlockDelete = "lti.production.project_flocks.delete"
P_ProjectFlockApprove = "lti.production.project_flocks.approve"
P_ProjectFlockLookup = "lti.production.project_flocks.lookup"
P_ProjectFlockNextPeriod = "lti.production.project_flocks.next_period"
P_ProjectFlockResubmit = "lti.production.project_flocks.resubmit"
)
// RequirePermissions ensures the authenticated user possesses all specified permissions.
func RequirePermissions(perms ...string) fiber.Handler {
required := canonicalPermissions(perms)
return func(c *fiber.Ctx) error {
if len(required) == 0 {
return c.Next()
}
ctx, ok := AuthDetails(c)
if !ok || ctx == nil {
return fiber.NewError(fiber.StatusUnauthorized, "Please authenticate")
}
userPerms := ctx.permissionSet()
if len(userPerms) == 0 {
return fiber.NewError(fiber.StatusForbidden, "Insufficient permission")
}
for _, perm := range required {
if _, has := userPerms[perm]; !has {
return fiber.NewError(fiber.StatusForbidden, "Insufficient permission")
}
}
return c.Next()
}
}
// HasPermission reports whether the current request context includes the given permission.
func HasPermission(c *fiber.Ctx, perm string) bool {
ctx, ok := AuthDetails(c)
if !ok || ctx == nil {
return false
}
perm = canonicalPermission(perm)
if perm == "" {
return false
}
_, has := ctx.permissionSet()[perm]
return has
}
func (a *AuthContext) permissionSet() map[string]struct{} {
if a == nil || a.Permissions == nil {
return nil
}
return a.Permissions
}
func canonicalPermissions(perms []string) []string {
out := make([]string, 0, len(perms))
seen := make(map[string]struct{}, len(perms))
for _, perm := range perms {
if canonical := canonicalPermission(perm); canonical != "" {
if _, ok := seen[canonical]; ok {
continue
}
seen[canonical] = struct{}{}
out = append(out, canonical)
}
}
return out
}
func canonicalPermission(perm string) string {
return strings.ToLower(strings.TrimSpace(perm))
}
//recording
const (
PermissionRecordingRead = "recording.index"
PermissionRecordingCreate = "recording.create"
PermissionRecordingUpdate = "recording.update"
PermissionRecordingDelete = "recording.delete"
)