api 호출 권한 일단 보류
This commit is contained in:
65
core/api.go
65
core/api.go
@ -104,10 +104,10 @@ func (caller apiCaller) isAdminOrValidToken() bool {
|
||||
|
||||
func (caller apiCaller) filesAPI(w http.ResponseWriter, r *http.Request) error {
|
||||
if r.Method == "GET" {
|
||||
if !caller.isAdminOrValidToken() {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
// if !caller.isAdminOrValidToken() {
|
||||
// w.WriteHeader(http.StatusUnauthorized)
|
||||
// return nil
|
||||
// }
|
||||
|
||||
allfiles, err := caller.mg.mongoClient.All(CollectionFile, options.Find().SetProjection(bson.M{
|
||||
"contents": 0,
|
||||
@ -127,10 +127,10 @@ func (caller apiCaller) filesAPI(w http.ResponseWriter, r *http.Request) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
if !caller.isAdminOrValidToken() {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
// if !caller.isAdminOrValidToken() {
|
||||
// w.WriteHeader(http.StatusUnauthorized)
|
||||
// return nil
|
||||
// }
|
||||
|
||||
_, err := caller.mg.mongoClient.Delete(CollectionFile, bson.M{
|
||||
"key": key,
|
||||
@ -211,33 +211,26 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
|
||||
mg := caller.mg
|
||||
queryvals := r.URL.Query()
|
||||
if r.Method == "GET" {
|
||||
service := queryvals.Get("service")
|
||||
if len(service) > 0 {
|
||||
if !caller.isAdminOrValidToken() {
|
||||
logger.Println("whitelistAPI failed. not vaild user :", r.Method, caller.userinfo)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
// if !caller.isAdminOrValidToken() {
|
||||
// logger.Println("whitelistAPI failed. not vaild user :", r.Method, caller.userinfo)
|
||||
// w.WriteHeader(http.StatusUnauthorized)
|
||||
// return nil
|
||||
// }
|
||||
|
||||
all, err := mg.mongoClient.FindAll(CollectionWhitelist, bson.M{
|
||||
"service": service,
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
all, err := mg.mongoClient.All(CollectionWhitelist)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if len(all) > 0 {
|
||||
var notexp []primitive.M
|
||||
for _, v := range all {
|
||||
if _, exp := v["_ts"]; !exp {
|
||||
notexp = append(notexp, v)
|
||||
}
|
||||
if len(all) > 0 {
|
||||
var notexp []primitive.M
|
||||
for _, v := range all {
|
||||
if _, exp := v["_ts"]; !exp {
|
||||
notexp = append(notexp, v)
|
||||
}
|
||||
allraw, _ := json.Marshal(notexp)
|
||||
w.Write(allraw)
|
||||
}
|
||||
} else {
|
||||
logger.Println("service param is missing")
|
||||
allraw, _ := json.Marshal(notexp)
|
||||
w.Write(allraw)
|
||||
}
|
||||
} else if r.Method == "PUT" {
|
||||
body, _ := io.ReadAll(r.Body)
|
||||
@ -246,11 +239,11 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
|
||||
return err
|
||||
}
|
||||
|
||||
if !caller.isAdminOrValidToken() {
|
||||
logger.Println("whitelistAPI failed. not vaild user :", r.Method, caller.userinfo)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
// if !caller.isAdminOrValidToken() {
|
||||
// logger.Println("whitelistAPI failed. not vaild user :", r.Method, caller.userinfo)
|
||||
// w.WriteHeader(http.StatusUnauthorized)
|
||||
// return nil
|
||||
// }
|
||||
|
||||
member.Expired = 0
|
||||
|
||||
|
||||
Reference in New Issue
Block a user