Add new role support. This enables designated users to see all jobs.

2025-07-23 04:51:39 +02:00 · 2022-08-23 13:33:25 +02:00
parent a0dafbac99
commit 84bac7e520
9 changed files with 21 additions and 12 deletions
--- a/internal/repository/job.go
+++ b/internal/repository/job.go
@@ -309,7 +309,7 @@ func (r *JobRepository) FindJobOrUser(ctx context.Context, searchterm string) (j
 	user := auth.GetUser(ctx)
 	if id, err := strconv.Atoi(searchterm); err == nil {
 		qb := sq.Select("job.id").From("job").Where("job.job_id = ?", id)
-		if user != nil && !user.HasRole(auth.RoleAdmin) {
+		if user != nil && !user.HasRole(auth.RoleAdmin) && !user.HasRole(auth.RoleSupport) {
 			qb = qb.Where("job.user = ?", user.Username)
 		}

@@ -321,7 +321,7 @@ func (r *JobRepository) FindJobOrUser(ctx context.Context, searchterm string) (j
 		}
 	}

-	if user == nil || user.HasRole(auth.RoleAdmin) {
+	if user == nil || user.HasRole(auth.RoleAdmin) || user.HasRole(auth.RoleSupport) {
 		err := sq.Select("job.user").Distinct().From("job").
 			Where("job.user = ?", searchterm).
 			RunWith(r.stmtCache).QueryRow().Scan(&username)
--- a/internal/repository/query.go
+++ b/internal/repository/query.go
@@ -94,7 +94,7 @@ func (r *JobRepository) CountJobs(

 func SecurityCheck(ctx context.Context, query sq.SelectBuilder) sq.SelectBuilder {
 	user := auth.GetUser(ctx)
-	if user == nil || user.HasRole(auth.RoleAdmin) || user.HasRole(auth.RoleApi) {
+	if user == nil || user.HasRole(auth.RoleAdmin) || user.HasRole(auth.RoleApi) || user.HasRole(auth.RoleSupport) {
 		return query
 	}