extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-08-19 03:16:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

refactor access control middleware and user access by JWT groups

Browse Source 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
This commit is contained in:
bcmmbaga
2024-09-16 13:33:36 +03:00
parent 1ef51a4ffa
commit 258b30cf48
5 changed files with 51 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
management/server/http/middleware/access_control.go
View File

@@ -15,8 +15,8 @@ import (
"github.com/netbirdio/netbird/management/server/jwtclaims"
)
// GetUser function defines a function to fetch user from Account by jwtclaims.AuthorizationClaims
type GetUser func(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*server.User, error)
// GetUser function defines a function to fetch user from Account by user id.
type GetUser func(ctx context.Context, id string) (*server.User, error)
// AccessControl middleware to restrict to make POST/PUT/DELETE requests by admin only
type AccessControl struct {
@@ -47,7 +47,7 @@ func (a *AccessControl) Handler(h http.Handler) http.Handler {
claims := a.claimsExtract.FromRequestContext(r)
user, err := a.getUser(r.Context(), claims)
user, err := a.getUser(r.Context(), claims.UserId)
if err != nil {
log.WithContext(r.Context()).Errorf("failed to get user from claims: %s", err)
util.WriteError(r.Context(), status.Errorf(status.Unauthorized, "invalid JWT"), w)