// Returns an HTTP 403 error if the User is not allowed to access any of the document's channels. // A nil User means access control is disabled, so the function will return nil. func AuthorizeAnyDocChannels(user auth.User, channels ChannelMap) error { if user == nil { return nil } for channel, removed := range channels { if removed == nil && user.CanSeeChannel(channel) { return nil } } if user.CanSeeChannel("*") { return nil // Doc is not in any channels, but user has all-access } return user.UnauthError("You are not allowed to see this") }
// Returns an HTTP 403 error if the User is not allowed to access any of the document's channels. // A nil User means access control is disabled, so the function will return nil. func AuthorizeAnyDocChannels(user *auth.User, channels ChannelMap) error { if user == nil { return nil } else if user.Channels != nil { for _, channel := range user.Channels { if channel == "*" { return nil } value, exists := channels[channel] if exists && value == nil { return nil // yup, it's in this channel } } } return user.UnauthError("You are not allowed to see this") }