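// authMiddleware wraps next with a per-request permission check against the
// path and user carried in the request context (see getContext).
//
// Only the safe methods GET, HEAD and OPTIONS are authorized with the read
// permission. Every other method requires the write permission, including
// DELETE and any method this code does not recognise. The previous test,
// r.Method[0] == 'P', let DELETE through on read permission alone and
// indexed into the method string without checking that it was non-empty.
//
// When the check fails, the response built by responses.Unauthorized is
// written as JSON and next is never called.
func authMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ctx := getContext(r)

		// NOTE(review): WriteSecurity normalizes with db.CleanPath before its
		// permission check, while this check uses ctx.path as-is. Confirm that
		// getContext or the db.*AllowedAt helpers already normalize the path;
		// otherwise the path that is authorized here and the path a handler
		// later acts on can differ.
		var allow bool
		switch r.Method {
		case http.MethodGet, http.MethodHead, http.MethodOptions:
			allow = db.ReadAllowedAt(ctx.path, ctx.user)
		default:
			// Fail closed: anything that is not known to be read-only is
			// treated as a write.
			allow = db.WriteAllowedAt(ctx.path, ctx.user)
		}

		if !allow {
			res := responses.Unauthorized()
			// Declare the body type explicitly, as WriteSecurity does for its
			// success response, instead of leaving it to content sniffing.
			w.Header().Set("Content-Type", "application/json")
			w.WriteHeader(res.Code)
			// The status line is already sent; an encode failure cannot be
			// reported to the client any more.
			_ = json.NewEncoder(w).Encode(res)
			return
		}

		next.ServeHTTP(w, r)
	})
}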
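// WriteSecurity is the HTTP handler for writing security metadata.
//
// It normalizes the request path with db.CleanPath, requires admin permission
// on that normalized path for the requesting user, and then stores the rules
// from ctx.jsonBody with db.SetRulesAt. The same normalized path is used for
// the permission check and for the write, so the two cannot diverge.
//
// Responses are JSON in every case: the responses.Unauthorized payload when
// the admin check fails, the responses.UnknownError payload when storing the
// rules fails, and {Ok: true} with status 200 on success.
func WriteSecurity(w http.ResponseWriter, r *http.Request) {
	ctx := getContext(r)
	path := db.CleanPath(ctx.path)

	// Set once up front so the error responses carry the same Content-Type as
	// the success response (previously only the success path set it).
	w.Header().Set("Content-Type", "application/json")

	if !db.AdminAllowedAt(path, ctx.user) {
		res := responses.Unauthorized()
		w.WriteHeader(res.Code)
		// Status line already sent; nothing useful can be done on failure.
		_ = json.NewEncoder(w).Encode(res)
		return
	}

	// NOTE(review): ctx.jsonBody is handed to SetRulesAt unchanged; any
	// validation of the rule document must happen in getContext or inside
	// SetRulesAt, neither of which is visible here. Confirm.
	if err := db.SetRulesAt(path, ctx.jsonBody); err != nil {
		// NOTE(review): err is discarded and the client gets a generic
		// payload, which is appropriate for the response. Consider recording
		// err server-side so that failed rule changes leave an audit trail.
		res := responses.UnknownError()
		w.WriteHeader(res.Code)
		_ = json.NewEncoder(w).Encode(res)
		return
	}

	res := responses.Success{Ok: true}
	w.WriteHeader(http.StatusOK)
	_ = json.NewEncoder(w).Encode(res)
}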