changed display of devices according to user's role. all changes are made in backend
37
server/internal/middleware/access.go
Normal file
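--- a/server/internal/middleware/access.go
+++ b/server/internal/middleware/access.go
@@ -0,0 +1,37 @@
+package middleware
+
+import (
+"smoop-api/internal/handlers"
+"smoop-api/internal/models"
+
+"github.com/gin-gonic/gin"
+)
+
+// DeviceAccessFilter middleware sets filtering context for device access
+func DeviceAccessFilter() gin.HandlerFunc {
+return func(c *gin.Context) {
+userContext, exists := c.Get("user")
+if !exists {
+c.JSON(401, gin.H{"error": "unauthorized"})
+c.Abort()
+return
+}
+
+user, ok := userContext.(handlers.UserContext)
+if !ok {
+c.JSON(401, gin.H{"error": "invalid user data"})
+c.Abort()
+return
+}
+
+// Set filter flag and user ID in context
+if user.Role == models.RoleAdmin {
+c.Set("filterDevices", false) // Admin sees all devices
+} else {
+c.Set("filterDevices", true) // Regular user needs filtering
+c.Set("userID", user.ID) // Store user ID for filtering
+}
+
+c.Next()
+}
+}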
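Review bot: The `filterDevices` flag set in the role branch of DeviceAccessFilter fails open for its readers, because the unfiltered (admin) state is `false`, which is also what `c.GetBool("filterDevices")` returns when the key was never set. The handlers that read the flag are not part of this commit, but if any device route is registered without this middleware, or a handler ignores the `exists` result of `c.Get`, a regular user would get the full device list. Inverting the flag makes the missing-key case the restrictive one: `c.Set("allDevices", user.Role == models.RoleAdmin)` together with an unconditional `c.Set("userID", user.ID)`, so handlers scope by owner unless `allDevices` is explicitly true. Separately, a failed `userContext.(handlers.UserContext)` assertion is a server wiring fault rather than a client credential problem, so it is worth logging and returning 500 instead of 401. That assertion would also reject every request if the auth middleware stores a pointer rather than a value.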