// Returns an HTTP 403 error if the User is not allowed to access any of the document's channels.
// A nil User means access control is disabled, so the function will return nil.
func AuthorizeAnyDocChannels(user auth.User, channels ChannelMap) error {
if user == nil {
return nil
}
for channel, removed := range channels {
if removed == nil && user.CanSeeChannel(channel) {
return nil
}
}
if user.CanSeeChannel("*") {
return nil // Doc is not in any channels, but user has all-access
}
return user.UnauthError("You are not allowed to see this")
}
// Returns an HTTP 403 error if the User is not allowed to access any of the document's channels.
// A nil User means access control is disabled, so the function will return nil.
func AuthorizeAnyDocChannels(user *auth.User, channels ChannelMap) error {
if user == nil {
return nil
} else if user.Channels != nil {
for _, channel := range user.Channels {
if channel == "*" {
return nil
}
value, exists := channels[channel]
if exists && value == nil {
return nil // yup, it's in this channel
}
}
}
return user.UnauthError("You are not allowed to see this")
}
