ayo/maingate
8
1
Fork 3
Code Issues Pull Requests Projects Releases Wiki Activity

whitelist에서 email과 platform을 모두 비교

Browse Source
This commit is contained in:
mountain
2023-07-07 15:32:54 +09:00
parent 5abb3fd2b7
commit 22ec115b35
4 changed files with 11 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
core/api.go
View File

@ -74,40 +74,8 @@ func (fd *FileDocumentDesc) Save() error {
return err
}
func (caller apiCaller) isAdmin() bool {
if *devflag {
return true
}
v, ok := caller.userinfo["email"]
if !ok {
logger.Println("isVaidUser failed. email is missing :", caller.userinfo)
return false
}
email := v.(string)
if _, ok := caller.globalAdmins[email]; ok {
return true
}
return caller.mg.service().isAdmin(email)
}
func (caller apiCaller) isAdminOrValidToken() bool {
if caller.isAdmin() {
return true
}
return caller.mg.service().isValidToken(caller.apiToken)
}
func (caller apiCaller) filesAPI(w http.ResponseWriter, r *http.Request) error {
if r.Method == "GET" {
// if !caller.isAdminOrValidToken() {
// w.WriteHeader(http.StatusUnauthorized)
// return nil
// }
allfiles, err := caller.mg.mongoClient.All(CollectionFile, options.Find().SetProjection(bson.M{
"contents": 0,
}).SetReturnKey(false))
@ -126,11 +94,6 @@ func (caller apiCaller) filesAPI(w http.ResponseWriter, r *http.Request) error {
return nil
}
// if !caller.isAdminOrValidToken() {
// w.WriteHeader(http.StatusUnauthorized)
// return nil
// }
_, err := caller.mg.mongoClient.Delete(CollectionFile, bson.M{
"key": key,
})
@ -208,7 +171,6 @@ func (caller apiCaller) uploadAPI(w http.ResponseWriter, r *http.Request) error
func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) error {
mg := caller.mg
queryvals := r.URL.Query()
if r.Method == "GET" {
// if !caller.isAdminOrValidToken() {
// logger.Println("whitelistAPI failed. not vaild user :", r.Method, caller.userinfo)
@ -256,7 +218,7 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
return err
}
} else if r.Method == "DELETE" {
id := queryvals.Get("id")
id := r.FormValue("id")
if len(id) == 0 {
return errors.New("id param is missing")
}