Fix bad Admin authorization handling
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
73b33f9fb5
commit
99d58f69c2
2
keys.go
2
keys.go
@ -179,7 +179,7 @@ func keyHandler(c *gin.Context) {
|
|||||||
if kid, err := strconv.Atoi(string(c.Param("kid"))); err != nil {
|
if kid, err := strconv.Atoi(string(c.Param("kid"))); err != nil {
|
||||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad key identifier."})
|
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad key identifier."})
|
||||||
return
|
return
|
||||||
} else if u.IsAdmin {
|
} else if c.MustGet("LoggedUser").(*User).IsAdmin {
|
||||||
if key, err := getKey(kid); err != nil {
|
if key, err := getKey(kid); err != nil {
|
||||||
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Key not found."})
|
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Key not found."})
|
||||||
return
|
return
|
||||||
|
|||||||
@ -319,7 +319,7 @@ func repositoryHandler(c *gin.Context) {
|
|||||||
if rid, err := strconv.Atoi(string(c.Param("rid"))); err != nil {
|
if rid, err := strconv.Atoi(string(c.Param("rid"))); err != nil {
|
||||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad repository identifier."})
|
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Bad repository identifier."})
|
||||||
return
|
return
|
||||||
} else if u.IsAdmin {
|
} else if c.MustGet("LoggedUser").(*User).IsAdmin {
|
||||||
if repository, err := getRepository(rid); err != nil {
|
if repository, err := getRepository(rid); err != nil {
|
||||||
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Repository not found."})
|
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "Repository not found."})
|
||||||
return
|
return
|
||||||
|
|||||||
Reference in New Issue
Block a user