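// GetPermissionRoles returns the roles held by accountID that are also listed
// in the cached ACL entry for (resource, method). An empty, non-nil slice means
// no role grants access. The returned error is always nil in this
// implementation.
//
// Account 0 is treated as the unauthenticated caller and receives the implicit
// roles "Guest" and "Anyone"; every other account receives "Authenticated",
// "Owner" and "Anyone" in addition to its cached roles.
// NOTE(review): "Owner" is added for every non-zero account here, so ownership
// is presumably enforced by a separate per-resource check; confirm.
func (i *PermissionCacheInter) GetPermissionRoles(accountID int, resource, method string) ([]string, error) {
	roleNames := []string{}

	// A cache error or an entry of an unexpected type is treated as "no roles".
	// This fails closed: the caller ends up with fewer roles, never more, and
	// an unexpected cache value cannot panic the authorization path.
	var cachedAccountRoles []string
	if v, err := i.roleCache.Get(accountID); err == nil {
		cachedAccountRoles, _ = v.([]string)
	}

	var aclRoles []string
	if v, err := i.aclCache.Get(AclCacheKey{Resource: resource, Method: method}); err == nil {
		aclRoles, _ = v.([]string)
	}

	// Copy before appending. Appending directly to the cached slice can write
	// the implicit roles into the cache's backing array when it has spare
	// capacity, which corrupts the entry and races with concurrent requests.
	accountRoles := make([]string, 0, len(cachedAccountRoles)+3)
	accountRoles = append(accountRoles, cachedAccountRoles...)
	if accountID == 0 {
		accountRoles = append(accountRoles, "Guest", "Anyone")
	} else {
		accountRoles = append(accountRoles, "Authenticated", "Owner", "Anyone")
	}

	// Keep only the account roles that the ACL entry allows, in account order.
	for _, role := range accountRoles {
		if utils.ContainsStr(aclRoles, role) {
			roleNames = append(roleNames, role)
		}
	}

	return roleNames, nil
}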
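// UpdateByID handles PUT /users/{id}: it parses the path id, decodes the JSON
// body into a domain.User, and applies the update through the admin interactor
// when the request's roles contain "Admin", otherwise through the guest
// interactor. Both calls receive the owner-relation filter built from the
// request.
//
// @Title UpdateByID
// @Description Update attributes of a User instance
// @Accept  json
// @Param   id path int true "User id"
// @Param   User body domain.User true "User instance data"
// @Success 200 {object} domain.User
// @Router /users/{id} [put]
func (c *UserCtrl) UpdateByID(w http.ResponseWriter, r *http.Request, params map[string]string) {
	id, err := strconv.Atoi(params["id"])
	if err != nil {
		c.render.JSONError(w, http.StatusBadRequest, apierrors.InvalidPathParams, err)
		return
	}

	// NOTE(review): the body is decoded straight into domain.User with no size
	// cap and no field allow-list visible in this handler. Confirm that the
	// interactors ignore fields a caller must not be able to set, and that a
	// request-size limit is applied upstream.
	user := &domain.User{}
	if err = json.NewDecoder(r.Body).Decode(user); err != nil {
		c.render.JSONError(w, http.StatusBadRequest, apierrors.BodyDecodingError, err)
		return
	}

	lastResource := interfaces.GetLastResource(r)
	queryCtx := usecases.QueryContext{
		Filter:         interfaces.FilterIfOwnerRelations(r, nil),
		OwnerRelations: interfaces.GetOwnerRelations(r),
	}

	user.SetRelatedID(lastResource.IDKey, lastResource.ID)

	// Checked assertion: a missing or wrongly typed "roles" value selects the
	// guest interactor (fail closed) instead of panicking in the handler.
	if roleNames, ok := context.Get(r, "roles").([]string); ok && utils.ContainsStr(roleNames, "Admin") {
		user, err = c.interactor.UpdateByID(id, user, queryCtx)
	} else {
		user, err = c.guestInter.UpdateByID(id, user, queryCtx)
	}

	if err != nil {
		switch err {
		case internalerrors.NotFound:
			// NOTE(review): NotFound is reported as 401, presumably so that a
			// caller who fails the owner filter cannot tell whether the id
			// exists; confirm this mapping is intended.
			c.render.JSONError(w, http.StatusUnauthorized, apierrors.Unauthorized, err)
		default:
			c.render.JSONError(w, http.StatusInternalServerError, apierrors.InternalServerError, err)
		}
		return
	}

	user.BeforeRender()
	c.render.JSON(w, http.StatusOK, user)
}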