fix: add role limit

2022-04-27 22:08:02 +08:00
parent fc347a4140
commit 22cb5ec61f
19 changed files with 274 additions and 77 deletions
--- a/handler/user.go
+++ b/handler/user.go
@@ -1,11 +1,13 @@
 package handler

 import (
-	"github.com/gin-gonic/gin"
+	"nCovTrack-Backend/global"
 	"nCovTrack-Backend/models"
 	"nCovTrack-Backend/service/user"
 	"nCovTrack-Backend/utils"
 	"regexp"
+
+	"github.com/gin-gonic/gin"
 )

 //UserRegisterHandler user register
@@ -39,12 +41,16 @@ func UserRegisterHandler(c *gin.Context) {
 // @Param Token header string true "token"
 // @Param json body models.UserApprove true "json"
 func UserApproveHandler(c *gin.Context) {
-	//TODO: auth user is admin or not
+	claims := utils.ClaimsFromHeader(c)
+	if claims.Role != global.ROLE_ID_MAP["ADMIN"] {
+		Forbidden(c)
+		return
+	}
 	jsonMap := bindJsonStruct[models.UserApprove](c)
 	if jsonMap == nil {
 		return
 	}
-	if !user.ApproveRegister(jsonMap["email"].(string), jsonMap["pass"].(bool)) {
+	if !user.ApproveRegister(claims, jsonMap["email"].(string), jsonMap["pass"].(bool)) {
 		RequestErr(c, "approve failed")
 		return
 	}
@@ -79,10 +85,24 @@ func UserLoginHandler(c *gin.Context) {
 // @Produce json
 // @Summary list register infos, which is to be approved
 // @Success 200 {object} utils.GinResponse{}
-// @Router /user/registers [get]
+// @Router /user/registers/{approved} [get]
 // @Param Token header string true "token"
 func ListRegisterUserHandler(c *gin.Context) {
-	registers := user.ListRegister()
+	approved := c.Param("approved")
+	claims := utils.ClaimsFromHeader(c)
+	if claims.Role != global.ROLE_ID_MAP["ADMIN"] {
+		Forbidden(c)
+		return
+	}
+	var registers *[]map[string]interface{}
+	if approved == "notapproved" {
+		registers = user.ListRegister(claims)
+	} else if approved == "approved" {
+		registers = user.ListApprovedRegister(claims)
+	} else {
+		UrlNotFound(c)
+		return
+	}
 	utils.Succ(c, registers)
 }