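// CurrentUserHasRole reports whether the current user holds role.
//
// The "user|roles" session is consulted first so that repeat checks avoid a
// datastore lookup. On a miss the user record is loaded and, if it carries the
// role, the positive result is cached through CurrentUserSetRole. Any error
// along the way yields false, so the check fails closed.
//
// A role cached as true in the session is trusted without re-reading the
// datastore, so revoking a role does not take effect for that session until
// the cached value is cleared.
// NOTE(review): this also relies on the session store protecting its values
// from client-side tampering; confirm how session.GetStore is configured.
func CurrentUserHasRole(w http.ResponseWriter, r *http.Request, role string) bool {
	// Only an identified user can hold a role: reject when the session has no
	// user ID or the ID cannot be read. The condition used to be inverted
	// (id != ""), which rejected every request that carried a user ID and let
	// requests without one continue to the role checks.
	if id, err := CurrentUserID(r); id == "" || err != nil {
		return false
	}

	c := context.NewContext(r)
	store, err := session.GetStore(c)
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
		return false
	}

	// First, check the role cache held in the session.
	s, err := store.Get(r, "user|roles")
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session Error: %v", err)
		return false
	}
	if s.Values[role] == true {
		return true
	}

	// Second, fall back to the stored user record.
	u, err := Current(r)
	if err != nil {
		return false
	}
	if !u.HasRole(role) {
		return false
	}

	// Cache the positive result to avoid this lookup next time. A failure to
	// cache is treated as a denial, as in the original implementation.
	if err = CurrentUserSetRole(w, r, role, true); err != nil {
		return false
	}
	return true
}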
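// CurrentUserSetID stores userId under the "userid" key of the current
// request's "user" session and saves that session to the response.
//
// It returns the error from retrieving the session store, retrieving the
// session, or saving it.
// NOTE(review): the ID is written into whatever session the request already
// carries; if this is called at login, confirm the session is renewed
// elsewhere so a pre-login session identifier is not carried over.
func CurrentUserSetID(w http.ResponseWriter, r *http.Request, userId string) error {
	c := context.NewContext(r)
	store, err := session.GetStore(c)
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
		// Stop here: the store must not be used after GetStore reported an
		// error. Previously execution fell through to store.Get.
		return err
	}

	s, err := store.Get(r, "user")
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session Error: %v", err)
		return err
	}

	s.Values["userid"] = userId
	return s.Save(r, w)
}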
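// CurrentUserID returns the user ID stored under the "userid" key of the
// requesting user's "user" session.
//
// It returns "" and a nil error when the session holds no string user ID, and
// "" with a non-nil error when the session store or the session cannot be
// retrieved. Callers deciding access must therefore check both results.
func CurrentUserID(r *http.Request) (string, error) {
	c := context.NewContext(r)
	store, err := session.GetStore(c)
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
		// Stop here: the store must not be used after GetStore reported an
		// error. Previously execution fell through to store.Get.
		return "", err
	}

	s, err := store.Get(r, "user")
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session Error: %v", err)
		return "", err
	}

	// A missing or non-string value leaves id as the empty string.
	id, _ := s.Values["userid"].(string)
	return id, nil
}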
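// CurrentUserSetRole records value for role in the current user's role cache
// and saves the session to the response.
//
// The cache lives in the "user|roles" session, which is the session
// CurrentUserHasRole reads. It returns the error from retrieving the session
// store, retrieving the session, or saving it.
func CurrentUserSetRole(w http.ResponseWriter, r *http.Request, role string, value bool) (err error) {
	c := context.NewContext(r)
	store, err := session.GetStore(c)
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session store Error: %v", err)
		return err
	}

	// Roles are kept apart from the "user" session. Writing them there meant
	// the cached value was never found by CurrentUserHasRole, and a role named
	// "userid" would have overwritten the stored user ID.
	s, err := store.Get(r, "user|roles")
	if err != nil {
		c.Criticalf("user: There was an error retrieving the session Error: %v", err)
		return err
	}

	// If the user is already an admin then there's no need to
	// re-add that role.
	// if !user.CurrentUserHasRole(w, r, "admin") {
	// 	u.AddRole("admin")
	// }
	s.Values[role] = value
	return s.Save(r, w)
}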