// Delete removes the connection identified by the "id" route variable.
//
// The request is routed through the authorization middleware for the
// connection's permission and the "delete" action; the storage call only runs
// once that check has passed. Responses: 400 when the id is missing, 500 when
// storage reports an error, 202 Accepted (empty body) on success.
func (h *Handler) Delete(ctx context.Context, rw http.ResponseWriter, req *http.Request) {
	vars := mux.Vars(req)
	id, present := vars["id"]
	if !present {
		http.Error(rw, "No id given.", http.StatusBadRequest)
		return
	}

	// Inner handler: executed by the middleware only for an authorized caller.
	remove := func(_ context.Context, w http.ResponseWriter, _ *http.Request) {
		if err := h.s.Delete(id); err != nil {
			// NOTE(review): the storage error text is echoed verbatim to the
			// client; a generic message is preferable if it can carry internal
			// detail (driver/host names, query fragments).
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		w.WriteHeader(http.StatusAccepted)
	}

	// Same argument order as before: the permission is derived first, then
	// the owner from the request environment.
	perm := permission(id)
	owner := middleware.Env(req).Owner(id)
	guarded := h.m.IsAuthorized(perm, "delete", owner)(hydcon.ContextHandlerFunc(remove))
	guarded.ServeHTTPContext(ctx, rw, req)
}
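// Find lists the connections whose local subject is the "subject" route
// variable, encoded as JSON.
//
// Authorization is delegated to the policy middleware with the collection
// permission, the "get" action and the requested subject as owner, so the
// storage lookup only runs for a caller allowed to read that subject's
// connections. Responses: 400 when the subject is missing, 404 when the
// lookup fails, otherwise the JSON list.
//
// Fix: the missing-variable message said "No id given." although this
// handler reads the "subject" variable; it now names the right field.
func (h *Handler) Find(ctx context.Context, rw http.ResponseWriter, req *http.Request) {
	subject, ok := mux.Vars(req)["subject"]
	if !ok {
		http.Error(rw, "No subject given.", http.StatusBadRequest)
		return
	}

	// Inner handler: executed by the middleware only for an authorized caller.
	list := func(_ context.Context, w http.ResponseWriter, _ *http.Request) {
		conns, err := h.s.FindAllByLocalSubject(subject)
		if err != nil {
			// NOTE(review): every storage error is mapped to 404 and its text is
			// echoed to the client, so a backend outage is indistinguishable from
			// "no such subject" for the caller; confirm that is intended.
			http.Error(w, err.Error(), http.StatusNotFound)
			return
		}
		WriteJSON(w, conns)
	}

	h.m.IsAuthorized(connectionsPermission, "get", middleware.Env(req).Owner(subject))(
		hydcon.ContextHandlerFunc(list),
	).ServeHTTPContext(ctx, rw, req)
}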
// Get returns the connection identified by the "id" route variable as JSON.
//
// The connection is loaded before the policy check because the owner used in
// the authorization decision is the connection's own local subject. As a
// consequence an unknown id answers 404 (with the storage error text) to any
// caller that reaches this handler, while a known id the caller may not read
// is answered by the authorization middleware.
// NOTE(review): that difference reveals whether an id exists before any
// authorization has been applied; confirm it is acceptable for this resource.
func (h *Handler) Get(ctx context.Context, rw http.ResponseWriter, req *http.Request) {
	id, ok := mux.Vars(req)["id"]
	if !ok {
		http.Error(rw, "No id given.", http.StatusBadRequest)
		return
	}

	conn, err := h.s.Get(id)
	if err != nil {
		http.Error(rw, err.Error(), http.StatusNotFound)
		return
	}

	// The inner handler only writes the already-loaded connection.
	respond := hydcon.ContextHandlerFunc(func(_ context.Context, w http.ResponseWriter, _ *http.Request) {
		WriteJSON(w, conn)
	})

	// Same argument order as before: permission first, then owner.
	perm := permission(id)
	owner := middleware.Env(req).Owner(conn.GetLocalSubject())
	h.m.IsAuthorized(perm, "get", owner)(respond).ServeHTTPContext(ctx, rw, req)
}
// Get serves the account identified by the "id" route variable as JSON.
//
// The storage lookup is wrapped by the authorization middleware (permission
// derived from the id, action "get", owner = id), so storage is only consulted
// for an authorized caller. Responses: 400 without an id, 404 when storage
// returns ErrNotFound, 500 for any other storage error, otherwise the
// JSON-encoded account.
func (h *Handler) Get(ctx context.Context, rw http.ResponseWriter, req *http.Request) {
	id, ok := mux.Vars(req)["id"]
	if !ok {
		http.Error(rw, "No id given.", http.StatusBadRequest)
		return
	}

	// Inner handler: executed by the middleware only for an authorized caller.
	serve := func(_ context.Context, w http.ResponseWriter, _ *http.Request) {
		user, err := h.s.Get(id)
		switch {
		case err == ErrNotFound:
			http.Error(w, err.Error(), http.StatusNotFound)
		case err != nil:
			// NOTE(review): the raw storage error text reaches the client here.
			http.Error(w, err.Error(), http.StatusInternalServerError)
		default:
			WriteJSON(w, user)
		}
	}

	h.m.IsAuthorized(permission(id), "get", middleware.Env(req).Owner(id))(
		hydcon.ContextHandlerFunc(serve),
	).ServeHTTPContext(ctx, rw, req)
}
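// authenticate verifies the email/password pair and checks that the resulting
// account is allowed to use the authorization endpoint.
//
// It writes the HTTP error response itself and returns the error so the caller
// can stop processing; on success it returns the account and a nil error.
// Responses: 401 with a fixed message when the credentials are rejected (the
// message deliberately does not reveal whether the email exists), 500 when
// the subject's policies cannot be loaded or the policy engine itself fails,
// 401 when the policies deny the "authorize" action on "/oauth2/authorize".
//
// Fix: the original tested `!granted` before `err != nil`, so whenever
// IsGranted returned a non-nil error together with granted == false the
// failure was reported as a plain "not allowed" 401 and the 500 branch could
// only be reached for the odd (true, err) combination. The error is now
// inspected first; a denial remains fail-closed.
func (h *Handler) authenticate(w http.ResponseWriter, r *http.Request, email, password string) (account.Account, error) {
	acc, err := h.Accounts.Authenticate(email, password)
	if err != nil {
		http.Error(w, "Could not authenticate.", http.StatusUnauthorized)
		return nil, err
	}
	subject := acc.GetID()

	policies, err := h.Policies.FindPoliciesForSubject(subject)
	if err != nil {
		// NOTE(review): the storage error text is echoed to the client.
		http.Error(w, fmt.Sprintf("Could not fetch policies: %s", err.Error()), http.StatusInternalServerError)
		return nil, err
	}

	granted, err := h.Guard.IsGranted("/oauth2/authorize", "authorize", subject, policies, middleware.Env(r).Ctx())
	if err != nil {
		// Engine failure: a server-side problem, not a policy decision.
		http.Error(w, fmt.Sprintf(`Authorization failed for Subject "%s": %s`, subject, err.Error()), http.StatusInternalServerError)
		return nil, err
	}
	if !granted {
		err = errors.Errorf(`Subject "%s" is not allowed to authorize.`, subject)
		http.Error(w, err.Error(), http.StatusUnauthorized)
		return nil, err
	}
	return acc, nil
}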