usememos/memos
1
1
Fork 0
mirror of https://github.com/usememos/memos.git synced 2024-12-22 02:31:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

chore: update list user api permission

Browse Source
This commit is contained in:
Steven 2023-11-05 22:35:09 +08:00
parent 3266c3a58a
commit e67820cabe
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api/v1/user.go
View File

@ -88,6 +88,23 @@ func (s *APIV1Service) registerUserRoutes(g *echo.Group) {
// @Router /api/v1/user [GET] // @Router /api/v1/user [GET]
func (s *APIV1Service) GetUserList(c echo.Context) error { func (s *APIV1Service) GetUserList(c echo.Context) error {
ctx := c.Request().Context() ctx := c.Request().Context()
userID, ok := c.Get(userIDContextKey).(int32)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing auth session")
}
currentUser, err := s.Store.GetUser(ctx, &store.FindUser{
ID: &userID,
})
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user by id").SetInternal(err)
}
if currentUser == nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing auth session")
}
if currentUser.Role != store.RoleHost && currentUser.Role != store.RoleAdmin {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized to list users")
}
list, err := s.Store.ListUsers(ctx, &store.FindUser{}) list, err := s.Store.ListUsers(ctx, &store.FindUser{})
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch user list").SetInternal(err) return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch user list").SetInternal(err)