60 lines
1.3 KiB
Go
60 lines
1.3 KiB
Go
package middleware
|
|
|
|
import (
|
|
"hr_receiver/models"
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func RequireStepTrainingAccess() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
roleValue, exists := c.Get("role")
|
|
if !exists {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "missing user role"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
role, ok := roleValue.(models.UserRole)
|
|
if !ok {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "invalid user role"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
if role != models.UserRoleSuperAdmin &&
|
|
role != models.UserRoleRegionAdmin &&
|
|
role != models.UserRoleOperator {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "insufficient role permissions"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
if role == models.UserRoleSuperAdmin {
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
flavorValue, exists := c.Get("flavorType")
|
|
if !exists {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "missing user flavor"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
flavorType, ok := flavorValue.(models.UserFlavorType)
|
|
if !ok {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "invalid user flavor"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
if flavorType != models.UserFlavorAll &&
|
|
flavorType != models.UserFlavorFlink {
|
|
c.JSON(http.StatusForbidden, gin.H{"error": "insufficient flavor permissions"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|