Add user roles

2013-06-01 20:43:23 +02:00 · 2013-06-01 20:43:23 +02:00 · cfdd4817e2
commit cfdd4817e2
parent e72fd6e4d4
6 changed files with 27 additions and 9 deletions
--- a/admin.go
+++ b/admin.go
@ -39,7 +39,7 @@ func settingsHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
 }

 func deleteHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
-	if sess.User == "" {
+	if !sess.IsAdmin() {
 		notFound(w, r)
 		return
 	}
@ -80,7 +80,7 @@ func deleteHandler(w http.ResponseWriter, r *http.Request, sess *Session) {

 func editHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
 	idStr := mux.Vars(r)["id"]
-	if sess.User == "" || !bson.IsObjectIdHex(idStr) {
+	if !sess.IsAdmin() || !bson.IsObjectIdHex(idStr) {
 		notFound(w, r)
 		return
 	}
@ -109,7 +109,7 @@ func cleanEmptyStr(s []string) []string {

 func saveHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
 	idStr := mux.Vars(r)["id"]
-	if sess.User == "" || !bson.IsObjectIdHex(idStr) {
+	if !sess.IsAdmin() || !bson.IsObjectIdHex(idStr) {
 		notFound(w, r)
 		return
 	}
@ -160,7 +160,7 @@ type newData struct {
 }

 func newHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
-	if sess.User == "" {
+	if !sess.IsAdmin() {
 		notFound(w, r)
 		return
 	}
@ -203,7 +203,7 @@ func newHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
 }

 func storeHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
-	if sess.User == "" {
+	if !sess.IsAdmin() {
 		notFound(w, r)
 		return
 	}
--- a/cover.go
+++ b/cover.go
@ -37,7 +37,7 @@ func coverHandler(w http.ResponseWriter, r *http.Request) {

 	if !book.Active {
 		sess := GetSession(r)
-		if sess.User == "" {
+		if !sess.IsAdmin() {
 			notFound(w, r)
 			return
 		}
--- a/database.go
+++ b/database.go
@ -82,6 +82,18 @@ func (d *DB) UserValid(user string, pass string) bool {
 	return n != 0
 }

+func (d *DB) UserRole(user string) string {
+	type result struct {
+		Role string
+	}
+	res := result{}
+	err := d.user.Find(bson.M{"user": user}).One(&res)
+	if err != nil {
+		return ""
+	}
+	return res.Role
+}
+
 func (d *DB) InsertStats(stats interface{}) error {
 	return d.stats.Insert(stats)
 }
--- a/reader.go
+++ b/reader.go
@ -184,7 +184,7 @@ func openReadEpub(w http.ResponseWriter, r *http.Request, sess *Session) (*epubg

 	book = books[0]
 	if !book.Active {
-		if sess.User == "" {
+		if !sess.IsAdmin() {
 			return nil, book
 		}
 	}
@ -211,7 +211,7 @@ func contentHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
 	}
 	book := books[0]
 	if !book.Active {
-		if sess.User == "" {
+		if !sess.IsAdmin() {
 			notFound(w, r)
 			return
 		}
--- a/session.go
+++ b/session.go
@ -17,6 +17,7 @@ type Notification struct {

 type Session struct {
 	User  string
+	Role  string
 	Notif []Notification
 	S     *sessions.Session
 }
@ -41,6 +42,7 @@ func GetSession(r *http.Request) (s *Session) {
 	s.S, err = sesStore.Get(r, "session")
 	if err == nil && !s.S.IsNew {
 		s.User, _ = s.S.Values["user"].(string)
+		s.Role = db.UserRole(s.User)
 		s.Notif = getNotif(s.S)
 	}

@ -74,3 +76,7 @@ func (s *Session) Id() string {
 	id, _ := s.S.Values["id"].(string)
 	return id
 }
+
+func (s *Session) IsAdmin() bool {
+	return s.Role == "admin"
+}
--- a/trantor.go
+++ b/trantor.go
@ -93,7 +93,7 @@ func downloadHandler(w http.ResponseWriter, r *http.Request, sess *Session) {

 	if !book.Active {
 		sess := GetSession(r)
-		if sess.User == "" {
+		if !sess.IsAdmin() {
 			notFound(w, r)
 			return
 		}