neko/pkg/auth/auth.go

package auth

import (
	"context"
	"net/http"

	"gitlab.com/demodesk/neko/server/pkg/types"
	"gitlab.com/demodesk/neko/server/pkg/utils"
)

type key int

const keySessionCtx key = iota

func SetSession(r *http.Request, session types.Session) context.Context {
	return context.WithValue(r.Context(), keySessionCtx, session)
}

func GetSession(r *http.Request) (types.Session, bool) {
	session, ok := r.Context().Value(keySessionCtx).(types.Session)
	return session, ok
}

func AdminsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	session, ok := GetSession(r)
	if !ok || !session.Profile().IsAdmin {
		return nil, utils.HttpForbidden("session is not admin")
	}

	return nil, nil
}

func HostsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	session, ok := GetSession(r)
	if !ok || !session.IsHost() {
		return nil, utils.HttpForbidden("session is not host")
	}

	return nil, nil
}

func CanWatchOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	session, ok := GetSession(r)
	if !ok || !session.Profile().CanWatch {
		return nil, utils.HttpForbidden("session cannot watch")
	}

	return nil, nil
}

func CanHostOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	session, ok := GetSession(r)
	if !ok || !session.Profile().CanHost {
		return nil, utils.HttpForbidden("session cannot host")
	}

	if session.PrivateModeEnabled() {
		return nil, utils.HttpUnprocessableEntity("private mode is enabled")
	}

	return nil, nil
}

func CanAccessClipboardOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	session, ok := GetSession(r)
	if !ok || !session.Profile().CanAccessClipboard {
		return nil, utils.HttpForbidden("session cannot access clipboard")
	}

	return nil, nil
}
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`package auth`

			`import (`
			`"context"`
			`"net/http"`

move shared code to pkg. 2022-03-20 23:43:00 +13:00			`"gitlab.com/demodesk/neko/server/pkg/types"`
			`"gitlab.com/demodesk/neko/server/pkg/utils"`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`)`

			`type key int`

code fmt change. 2021-09-03 07:37:24 +12:00			`const keySessionCtx key = iota`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00
use custom logger. 2021-09-17 10:58:50 +12:00			`func SetSession(r *http.Request, session types.Session) context.Context {`
			`return context.WithValue(r.Context(), keySessionCtx, session)`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`}`

use custom logger. 2021-09-17 10:58:50 +12:00			`func GetSession(r *http.Request) (types.Session, bool) {`
			`session, ok := r.Context().Value(keySessionCtx).(types.Session)`
			`return session, ok`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`}`

use custom logger. 2021-09-17 10:58:50 +12:00			`func AdminsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`session, ok := GetSession(r)`
			`if !ok \|\| !session.Profile().IsAdmin {`
			`return nil, utils.HttpForbidden("session is not admin")`
			`}`

			`return nil, nil`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`}`

use custom logger. 2021-09-17 10:58:50 +12:00			`func HostsOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`session, ok := GetSession(r)`
			`if !ok \|\| !session.IsHost() {`
			`return nil, utils.HttpForbidden("session is not host")`
			`}`

			`return nil, nil`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`}`

use custom logger. 2021-09-17 10:58:50 +12:00			`func CanWatchOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`session, ok := GetSession(r)`
			`if !ok \|\| !session.Profile().CanWatch {`
			`return nil, utils.HttpForbidden("session cannot watch")`
			`}`

			`return nil, nil`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`}`
add CanHostOnly. 2020-12-30 10:00:28 +13:00
use custom logger. 2021-09-17 10:58:50 +12:00			`func CanHostOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`session, ok := GetSession(r)`
			`if !ok \|\| !session.Profile().CanHost {`
			`return nil, utils.HttpForbidden("session cannot host")`
			`}`

private mode implementation. 2022-03-27 11:20:38 +13:00			`if session.PrivateModeEnabled() {`
			`return nil, utils.HttpUnprocessableEntity("private mode is enabled")`
			`}`

use custom logger. 2021-09-17 10:58:50 +12:00			`return nil, nil`
add CanHostOnly. 2020-12-30 10:00:28 +13:00			`}`
generate screenshot using Xlib. 2021-01-22 08:44:09 +13:00
use custom logger. 2021-09-17 10:58:50 +12:00			`func CanAccessClipboardOnly(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`session, ok := GetSession(r)`
			`if !ok \|\| !session.Profile().CanAccessClipboard {`
			`return nil, utils.HttpForbidden("session cannot access clipboard")`
			`}`

			`return nil, nil`
generate screenshot using Xlib. 2021-01-22 08:44:09 +13:00			`}`