hr_data_analyzer/middleware/system_admin.go

package middleware

import (
	"hr_receiver/models"
	"net/http"

	"github.com/gin-gonic/gin"
)

func RequireSuperAdmin() gin.HandlerFunc {
	return func(c *gin.Context) {
		roleValue, exists := c.Get("role")
		if !exists {
			c.JSON(http.StatusForbidden, gin.H{"error": "missing user role"})
			c.Abort()
			return
		}
		role, ok := roleValue.(models.UserRole)
		if !ok {
			c.JSON(http.StatusForbidden, gin.H{"error": "invalid user role"})
			c.Abort()
			return
		}
		if role != models.UserRoleSuperAdmin {
			c.JSON(http.StatusForbidden, gin.H{"error": "super admin required"})
			c.Abort()
			return
		}
		c.Next()
	}
}