func (i *PermissionCacheInter) GetPermissionRoles(accountID int, resource, method string) ([]string, error) {
	roleNames := []string{}

	cachedAccountRoles, err := i.roleCache.Get(accountID)
	if err != nil {
		cachedAccountRoles = []string{}
	}

	cachedAclRoles, err := i.aclCache.Get(AclCacheKey{Resource: resource, Method: method})
	if err != nil {
		cachedAclRoles = []string{}
	}

	accountRoles := cachedAccountRoles.([]string)
	aclRoles := cachedAclRoles.([]string)

	if accountID == 0 {
		accountRoles = append(accountRoles, "Guest", "Anyone")
	} else {
		accountRoles = append(accountRoles, "Authenticated", "Owner", "Anyone")
	}

	for _, role := range accountRoles {
		if utils.ContainsStr(aclRoles, role) {
			roleNames = append(roleNames, role)
		}
	}

	return roleNames, nil
}
Example #2
0
// @Title UpdateByID
// @Description Update attributes of a User instance
// @Accept  json
// @Param   id path int true "User id"
// @Param   User body domain.User true "User instance data"
// @Success 200 {object} domain.User
// @Router /users/{id} [put]
func (c *UserCtrl) UpdateByID(w http.ResponseWriter, r *http.Request, params map[string]string) {
	id, err := strconv.Atoi(params["id"])
	if err != nil {
		c.render.JSONError(w, http.StatusBadRequest, apierrors.InvalidPathParams, err)
		return
	}

	user := &domain.User{}

	err = json.NewDecoder(r.Body).Decode(user)
	if err != nil {
		c.render.JSONError(w, http.StatusBadRequest, apierrors.BodyDecodingError, err)
		return
	}

	lastResource := interfaces.GetLastResource(r)
	filter := interfaces.FilterIfOwnerRelations(r, nil)
	relations := interfaces.GetOwnerRelations(r)

	user.SetRelatedID(lastResource.IDKey, lastResource.ID)

	if roles := context.Get(r, "roles"); roles != nil && utils.ContainsStr(roles.([]string), "Admin") {
		user, err = c.interactor.UpdateByID(id, user, usecases.QueryContext{Filter: filter, OwnerRelations: relations})
	} else {
		user, err = c.guestInter.UpdateByID(id, user, usecases.QueryContext{Filter: filter, OwnerRelations: relations})
	}

	if err != nil {
		switch err {
		case internalerrors.NotFound:
			c.render.JSONError(w, http.StatusUnauthorized, apierrors.Unauthorized, err)
		default:
			c.render.JSONError(w, http.StatusInternalServerError, apierrors.InternalServerError, err)
		}
		return
	}

	user.BeforeRender()
	c.render.JSON(w, http.StatusOK, user)
}