llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: improve RequireAdmin() logic

Browse Source
This commit is contained in:
Yang Luo 2024-03-16 20:49:17 +08:00
parent 1bd0245e7a
commit be88b00278
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
controllers/record.go
View File

@ -85,6 +85,11 @@ func (c *ApiController) GetRecords() {
// @Success 200 {object} object.Record The Response object // @Success 200 {object} object.Record The Response object
// @router /get-records-filter [post] // @router /get-records-filter [post]
func (c *ApiController) GetRecordsByFilter() { func (c *ApiController) GetRecordsByFilter() {
_, ok := c.RequireAdmin()
if !ok {
return
}
body := string(c.Ctx.Input.RequestBody) body := string(c.Ctx.Input.RequestBody)
record := &casvisorsdk.Record{} record := &casvisorsdk.Record{}

5
controllers/util.go
View File

@ -127,6 +127,11 @@ func (c *ApiController) RequireAdmin() (string, bool) {
if user.Owner == "built-in" { if user.Owner == "built-in" {
return "", true return "", true
} }
if !user.IsAdmin {
return "", false
}
return user.Owner, true return user.Owner, true
} }