func (self *AuthorityResource) Get(ctx *rfweb.Context) {
res := RespData{}
id := ctx.Get("id")
if id == "all" {
authoritys, err := auth.GetAllAuthority()
if err != nil {
res.Error = err.Error()
} else {
res.Success = true
res.Data = authoritys
}
} else if id != "" {
authority, err := auth.GetAuthorityByID(id)
if err != nil {
res.Error = err.Error()
} else {
res.Success = true
res.Data = authority
}
} else {
email := ctx.Get("email")
if email != "" {
authority, err := auth.GetAuthorityByEmail(email)
if err != nil {
res.Error = err.Error()
} else {
res.Success = true
res.Data = authority
}
}
}
util.WriteJson(ctx.W, res)
}
// check permission
func (self *BaseResource) OnHandleBegin(ctx *rfweb.Context) bool {
user := auth.GetLoginedUser(ctx)
errMsg := ""
if user == nil || user.Email == "" {
errMsg = "please login first."
} else {
authority, err := auth.GetAuthorityByEmail(user.Email)
if err != nil {
errMsg = "can't get authority, error: " + err.Error()
} else if authority == nil || authority.AdminLevel < 10 {
errMsg = "you don't has permission."
}
}
if errMsg != "" {
isXHR := ctx.R.Header.Get("X-Requested-With") == "XMLHttpRequest"
if isXHR {
res := RespData{
Error: errMsg,
}
util.WriteJson(ctx.W, res)
} else {
http.Error(ctx.W, errMsg, http.StatusForbidden)
}
return false
}
return true
}
func StaticServer(w http.ResponseWriter, r *http.Request) {
// check permission
if r.RequestURI == AproxyUrlPrefix ||
r.RequestURI == AproxyUrlPrefix+"index.html" {
ctx := rfweb.NewContext(w, r)
user := auth.GetLoginedUser(ctx)
errMsg := ""
if user == nil {
login.RedirectToLogin(w, r)
return
} else {
authority, err := auth.GetAuthorityByEmail(user.Email)
if err != nil {
errMsg = "can't get authority, error: " + err.Error()
} else if authority == nil || authority.AdminLevel < 10 {
errMsg = "you don't has permission."
}
}
if errMsg != "" {
http.Error(ctx.W, errMsg, http.StatusForbidden)
return
}
}
http.StripPrefix(AproxyUrlPrefix,
fileServer).ServeHTTP(w, r)
}
func setAdmin(email string, level int) error {
if level != 50 && level != 99 {
return fmt.Errorf("adminlevel must be 50 or 99")
}
authority, err := auth.GetAuthorityByEmail(email)
if err != nil {
return fmt.Errorf("query Authority for %s got error: %s",
email, err.Error())
}
if authority != nil {
authority.AdminLevel = level
err = auth.UpdateAuthority(authority.Id, authority)
} else {
authority = &auth.Authority{}
authority.Email = email
authority.AdminLevel = level
err = auth.InsertAuthority(authority)
}
return err
}