示例#1
0
func (l amRestful) getPrivilege(request *restful.Request, response *restful.Response) *privilegeInfo {
	var privilege privilegeInfo

	err := request.ReadEntity(&privilege)
	if err == nil {
		err = am.IsValidPrivilege(privilege.Privilege)
	}
	if err != nil {
		l.setError(response, http.StatusBadRequest, err)
		return nil
	}
	return &privilege
}
示例#2
0
// Verify that the given privilege matches the one that is associated with the user defined in the token
func IsPrivilegeOk(tokenString string, privilege string, ipAddr string, verifyKey []byte) (bool, error) {
	err := am.IsValidPrivilege(privilege)
	if err != nil {
		return false, err
	}
	token, err := ParseToken(tokenString, ipAddr, verifyKey)
	if err != nil {
		return false, err
	}
	var entityName string
	if privilege == SuperUserPermission {
		entityName = stc.SuperUserGroupName
	} else if privilege == AdminPermission {
		entityName = stc.AdminGroupName
	} else {
		entityName = stc.UsersGroupName
	}
	if usersList.IsUserPartOfAGroup(entityName, token.UserName) {
		return true, nil
	}
	return false, fmt.Errorf("The privilege %v is not permited to this operation", token.Privilege)
}