forked from DHowett/spectre
-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
permissions.go
91 lines (77 loc) · 2.15 KB
/
permissions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
package main
import (
"github.com/DHowett/ghostbin/account"
"github.com/gorilla/sessions"
"net/http"
)
type PastePermission map[string]bool
type PastePermissionSet struct {
Entries map[PasteID]PastePermission
u *account.User
}
func GetPastePermissions(r *http.Request) *PastePermissionSet {
var perms *PastePermissionSet
// Check if we have a user first.
user := GetUser(r)
if user != nil {
if userPerms, ok := user.Values["permissions"]; ok {
perms = userPerms.(*PastePermissionSet)
}
}
cookieSession, _ := sessionStore.Get(r, "session")
// Attempt to get hold of the new-style permission set.
if sessionPermissionSet, ok := cookieSession.Values["permissions"]; ok {
if perms != nil {
for k, v := range sessionPermissionSet.(*PastePermissionSet).Entries {
perms.Put(k, v)
}
} else {
perms = sessionPermissionSet.(*PastePermissionSet)
}
}
if perms == nil {
perms = &PastePermissionSet{
Entries: make(map[PasteID]PastePermission),
}
}
// Attempt to get hold of the original list of pastes
if oldPasteList, ok := cookieSession.Values["pastes"]; ok {
for _, v := range oldPasteList.([]string) {
perms.Put(PasteIDFromString(v), PastePermission{
"grant": true,
"edit": true,
})
}
}
perms.u = user
return perms
}
// Save emits the PastePermissionSet to disk, either as part of the anonymous
// session or as part of the authenticated user's data.
func (p *PastePermissionSet) Save(w http.ResponseWriter, r *http.Request) {
if p.u != nil {
p.u.Save()
} else {
cookieSession, _ := sessionStore.Get(r, "session")
cookieSession.Values["permissions"] = p
sessions.Save(r, w)
}
}
// Put inserts a set of permissions into the permission store,
// potentially merging new permissions with existing permissions for the same paste.
func (p *PastePermissionSet) Put(id PasteID, perms PastePermission) {
if existing, ok := p.Entries[id]; ok {
for k, v := range perms {
existing[k] = v
}
} else {
p.Entries[id] = perms
}
}
func (p *PastePermissionSet) Get(id PasteID) (PastePermission, bool) {
v, ok := p.Entries[id]
return v, ok
}
func (p *PastePermissionSet) Delete(id PasteID) {
delete(p.Entries, id)
}