Buriburizaemon/nezha_domains
1
0
Fork 0
mirror of https://github.com/Buriburizaem0n/nezha_domains.git synced 2026-02-04 04:30:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: enhance authorization check for settings access

Browse Source
This commit is contained in:
naiba
2024-12-22 12:20:18 +08:00
parent 4af7e83004
commit f10e048bec
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/dashboard/controller/setting.go
View File

@@ -20,8 +20,12 @@ import (
// @Success 200 {object} model.CommonResponse[model.SettingResponse] // @Success 200 {object} model.CommonResponse[model.SettingResponse]
// @Router /setting [get] // @Router /setting [get]
func listConfig(c *gin.Context) (model.SettingResponse, error) { func listConfig(c *gin.Context) (model.SettingResponse, error) {
_, isMember := c.Get(model.CtxKeyAuthorizedUser) u, ok := c.Get(model.CtxKeyAuthorizedUser)
authorized := isMember // TODO || isViewPasswordVerfied var authorized bool
if ok {
user := u.(*model.User)
authorized = user.Role == model.RoleAdmin
}
conf := model.SettingResponse{ conf := model.SettingResponse{
Config: *singleton.Conf, Config: *singleton.Conf,