Add role helper functions, add project role barebone, add valid role arr

- HasAnyRoles([]string): Checks if user has *one* of the roles - HasAllRoles([]string): Cheks if user has *all* of the roles - HasNotRoles([]string): Checks if user has *none* of the roles - IsValidRole(string): Checks if given string is known valid role
2025-07-23 21:01:40 +02:00 · 2023-01-25 16:59:16 +01:00
parent 5abd3641b2
commit 834f9d9085
5 changed files with 73 additions and 11 deletions
--- a/internal/repository/job.go
+++ b/internal/repository/job.go
@@ -423,7 +423,7 @@ func (r *JobRepository) FindJobOrUser(ctx context.Context, searchterm string) (j
 	user := auth.GetUser(ctx)
 	if id, err := strconv.Atoi(searchterm); err == nil {
 		qb := sq.Select("job.id").From("job").Where("job.job_id = ?", id)
-		if user != nil && !user.HasRole(auth.RoleAdmin) && !user.HasRole(auth.RoleSupport) {
+		if user != nil && user.HasNotRoles([]string{auth.RoleAdmin, auth.RoleSupport}) {
 			qb = qb.Where("job.user = ?", user.Username)
 		}

@@ -435,7 +435,7 @@ func (r *JobRepository) FindJobOrUser(ctx context.Context, searchterm string) (j
 		}
 	}

-	if user == nil || user.HasRole(auth.RoleAdmin) || user.HasRole(auth.RoleSupport) {
+	if user == nil || user.HasAnyRole([]string{auth.RoleAdmin, auth.RoleSupport}) {
 		err := sq.Select("job.user").Distinct().From("job").
 			Where("job.user = ?", searchterm).
 			RunWith(r.stmtCache).QueryRow().Scan(&username)
--- a/internal/repository/query.go
+++ b/internal/repository/query.go
@@ -94,7 +94,7 @@ func (r *JobRepository) CountJobs(

 func SecurityCheck(ctx context.Context, query sq.SelectBuilder) sq.SelectBuilder {
 	user := auth.GetUser(ctx)
-	if user == nil || user.HasRole(auth.RoleAdmin) || user.HasRole(auth.RoleApi) || user.HasRole(auth.RoleSupport) {
+	if user == nil || user.HasAnyRole([]string{auth.RoleAdmin, auth.RoleApi, auth.RoleSupport}) {
 		return query
 	}