mirror of
				https://github.com/woodpecker-ci/woodpecker.git
				synced 2025-10-26 01:41:00 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			58 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			58 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| package middleware
 | |
| 
 | |
| import (
 | |
| 	"net/http"
 | |
| 
 | |
| 	"github.com/drone/drone/server/session"
 | |
| 	"github.com/goji/context"
 | |
| 	"github.com/zenazn/goji/web"
 | |
| )
 | |
| 
 | |
| // SetUser is a middleware function that retrieves
 | |
| // the currently authenticated user from the request
 | |
| // and stores in the context.
 | |
| func SetUser(c *web.C, h http.Handler) http.Handler {
 | |
| 	fn := func(w http.ResponseWriter, r *http.Request) {
 | |
| 		var ctx = context.FromC(*c)
 | |
| 		var user = session.GetUser(ctx, r)
 | |
| 		if user != nil && user.ID != 0 {
 | |
| 			UserToC(c, user)
 | |
| 		}
 | |
| 		h.ServeHTTP(w, r)
 | |
| 	}
 | |
| 	return http.HandlerFunc(fn)
 | |
| }
 | |
| 
 | |
| // RequireUser is a middleware function that verifies
 | |
| // there is a currently authenticated user stored in
 | |
| // the context.
 | |
| func RequireUser(c *web.C, h http.Handler) http.Handler {
 | |
| 	fn := func(w http.ResponseWriter, r *http.Request) {
 | |
| 		if ToUser(c) == nil {
 | |
| 			w.WriteHeader(http.StatusUnauthorized)
 | |
| 			return
 | |
| 		}
 | |
| 		h.ServeHTTP(w, r)
 | |
| 	}
 | |
| 	return http.HandlerFunc(fn)
 | |
| }
 | |
| 
 | |
| // RequireUserAdmin is a middleware function that verifies
 | |
| // there is a currently authenticated user stored in
 | |
| // the context with ADMIN privilege.
 | |
| func RequireUserAdmin(c *web.C, h http.Handler) http.Handler {
 | |
| 	fn := func(w http.ResponseWriter, r *http.Request) {
 | |
| 		var user = ToUser(c)
 | |
| 		switch {
 | |
| 		case user == nil:
 | |
| 			w.WriteHeader(http.StatusUnauthorized)
 | |
| 			return
 | |
| 		case user != nil && !user.Admin:
 | |
| 			w.WriteHeader(http.StatusForbidden)
 | |
| 			return
 | |
| 		}
 | |
| 		h.ServeHTTP(w, r)
 | |
| 	}
 | |
| 	return http.HandlerFunc(fn)
 | |
| }
 |