package api
import (
"context"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
"github.com/anyproto/anytype-heart/core/anytype/account"
)
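// initAccountInfo returns a middleware that fetches the current account
// information from the account service and stores it on the server and on
// the space service before handing the request to the next handler.
//
// The request is aborted with 500 when no app instance is available, when
// the account component cannot be resolved to an account.Service, or when
// GetInfo returns an error.
func (a *ApiServer) initAccountInfo() gin.HandlerFunc {
	return func(c *gin.Context) {
		// TODO: consider not fetching account info on every request; currently used to avoid inconsistencies on logout/login
		app := a.mwInternal.GetApp()
		if app == nil {
			c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "failed to get app instance"})
			return
		}

		// Checked assertion: a missing or mistyped component would otherwise
		// panic inside the handler instead of producing an error response.
		svc, ok := app.Component(account.CName).(account.Service)
		if !ok {
			c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "failed to get account service"})
			return
		}

		accInfo, err := svc.GetInfo(context.Background())
		if err != nil {
			c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("failed to get account info: %v", err)})
			return
		}

		// NOTE(review): both fields are written on every request without any
		// synchronization visible here, so concurrent requests race on them —
		// confirm ApiServer/spaceService guard these or that last-writer-wins
		// is acceptable.
		a.accountInfo = accInfo
		a.spaceService.AccountInfo = accInfo
		c.Next()
	}
}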
// AuthMiddleware is a placeholder authentication middleware.
//
// As written it only checks that an Authorization header is present: the
// header value is never validated, and every request that carries one is
// attributed to a fixed User ("user123", read-only). Requests without the
// header are rejected with 401.
//
// TODO: validate the token and resolve the real user before this is relied on.
func (a *ApiServer) AuthMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		if c.GetHeader("Authorization") == "" {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
			return
		}

		// Placeholder identity: no token lookup happens here yet.
		mockUser := &User{ID: "user123", Permissions: "read-only"}
		c.Set("user", mockUser)
		c.Next()
	}
}
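// PermissionMiddleware returns a middleware that enforces requiredPermission
// against the User stored in the context under the "user" key.
//
// "read-write" is granted only to users whose Permissions is "read-write";
// "read-only" is satisfied by both "read-only" and "read-write" users. A
// missing or malformed user entry yields 401, an insufficient permission 403.
func (a *ApiServer) PermissionMiddleware(requiredPermission string) gin.HandlerFunc {
	return func(c *gin.Context) {
		val, exists := c.Get("user")
		if !exists {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
			return
		}

		// Checked assertion: an unexpected value (or a nil *User) under "user"
		// must not panic the handler; treat it as an unauthenticated request.
		u, ok := val.(*User)
		if !ok || u == nil {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
			return
		}

		if requiredPermission == "read-write" && u.Permissions != "read-write" {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Forbidden: write access required"})
			return
		}

		// For read-only access, both "read-only" and "read-write" permissions are acceptable.
		// NOTE(review): only "read-write" is enforced here; any other
		// requiredPermission value (including a typo) passes through, so
		// callers must pass exactly "read-only" or "read-write".
		c.Next()
	}
}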