1
0
mirror of https://github.com/osmarks/mycorrhiza.git synced 2025-01-19 07:02:51 +00:00
mycorrhiza/user/group.go

71 lines
1.5 KiB
Go
Raw Normal View History

2020-11-14 14:46:04 +00:00
package user
import (
"log"
"net/http"
2020-11-14 14:46:04 +00:00
)
func groupFromString(s string) UserGroup {
switch s {
case "admin":
return UserAdmin
case "moderator":
return UserModerator
case "trusted":
return UserTrusted
case "editor":
return UserEditor
default:
log.Fatal("Unknown user group", s)
return UserAnon
}
}
// UserGroup represents a group that a user is part of.
type UserGroup int
const (
// UserAnon is the default user group which all unauthorized visitors have.
UserAnon UserGroup = iota
// UserEditor is a user who can edit and upload stuff.
UserEditor
// UserTrusted is a trusted editor who can also rename stuff.
UserTrusted
// UserModerator is a moderator who can also delete stuff.
UserModerator
// UserAdmin can do everything.
UserAdmin
)
var minimalRights = map[string]UserGroup{
"edit": UserEditor,
"upload-binary": UserEditor,
"upload-text": UserEditor,
"rename-ask": UserTrusted,
"rename-confirm": UserTrusted,
"delete-ask": UserModerator,
"delete-confirm": UserModerator,
"reindex": UserAdmin,
}
func (ug UserGroup) CanAccessRoute(route string) bool {
if !AuthUsed {
return true
}
if minimalRight, ok := minimalRights[route]; ok {
if ug >= minimalRight {
return true
}
return false
}
return true
}
func CanProceed(rq *http.Request, route string) bool {
return FromRequest(rq).OrAnon().CanProceed(route)
}
func (u *User) CanProceed(route string) bool {
return u.Group.CanAccessRoute(route)
}