示例#1
0
文件: user.go 项目: Epictetus/wfdr
func GetExisting(r *http.Request) (u *User, err os.Error) {
	s, err := session.GetExisting(r)
	if err != nil {
		return nil, err
	}
	u = new(User)
	u.ID = s.Get("openid-email")
	err = u.Load()
	return
}
示例#2
0
文件: perms.go 项目: Epictetus/wfdr
// Basic function that retrieves the permissions a user has based on the contents of their request, including cookies and request path. Designed to be a simple function for most uses. If you want more control, you can use the GetGroupPerms and GetUserPerms functions.
func Get(r *http.Request) (p *Permissions) {
	p = new(Permissions)
	s, e := session.GetExisting(r)
	if e != nil {
		p.Authenticated = false
		return
	}
	p.Authenticated = true
	// Current authentication is based on e-mail. Might change this?
	uname := s.Get("openid-email")
	fmt.Println("Getting permissions for", uname)
	uperms := GetUserPerms(uname, r.URL.Path)
	if uperms == nil {
		p.Recognized = false
		return
	}
	p.Write = uperms.Write
	p.Read = uperms.Read
	fmt.Println("Grabbed permissions for user")
	groups := loadGroups(uname)
	for _, group := range groups {
		gperms := GetGroupPerms(group, r.URL.Path)
		if gperms == nil {
			continue
		}
		// Use the most permissive interpretation of the permissions. If a group is allowed to access something, so should all the users in the group.
		if !uperms.Read {
			if gperms.Read {
				p.Read = true
			}
		}
		if !uperms.Write {
			if gperms.Write {
				p.Write = true
			}
		}
	}
	return
}