summaryrefslogtreecommitdiff
path: root/backend/src/Handler.zig
diff options
context:
space:
mode:
Diffstat (limited to 'backend/src/Handler.zig')
-rw-r--r--backend/src/Handler.zig25
1 files changed, 24 insertions, 1 deletions
diff --git a/backend/src/Handler.zig b/backend/src/Handler.zig
index 3e40cf8..2f3389e 100644
--- a/backend/src/Handler.zig
+++ b/backend/src/Handler.zig
@@ -3,6 +3,11 @@ const httpz = @import("httpz");
const userModel = @import("Models/User.zig");
const tokens = @import("Authentication/Tokens.zig");
+pub const errors = error {
+ Unauthorized,
+ Forbidden,
+};
+
pub const RequestData = struct {
User: ?userModel.User,
@@ -32,13 +37,31 @@ pub const RequestData = struct {
if (self.User == null) return false;
return self.User.?.Role >= minimalRole;
}
+
+ pub fn CheckAccess(self: RequestData, minimalRole: userModel.Role) !void {
+ if (self.User == null) return errors.Unauthorized;
+ if (@intFromEnum(self.User.?.Role) < @intFromEnum(minimalRole))
+ return errors.Forbidden;
+ }
};
pub const Handler = struct {
pub fn dispatch(_: *Handler, action: httpz.Action(*RequestData), req: *httpz.Request, res: *httpz.Response) !void {
var data = try RequestData.Init(req);
// std.debug.print("Data: {any}\n", .{ data });
- try action(&data, req, res);
+ action(&data, req, res) catch |err| {
+ switch (err) {
+ errors.Forbidden => {
+ res.setStatus(.forbidden);
+ },
+ errors.Unauthorized => {
+ res.setStatus(.unauthorized);
+ },
+ else => {
+ return err;
+ }
+ }
+ };
std.debug.print("{any} {s}: {d}\n", .{req.method, req.url.raw, res.status});
}
};
Rendered by CGit