ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2025-07-22 20:41:40 +02:00
Code Issues Packages Releases Activity

Restore api role access in SecurityCheck

Browse Source
This commit is contained in:
Jan Eitzinger
2023-06-20 12:54:26 +02:00
parent 25acb2eaa5
commit c973a29734
2 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
internal/api/rest.go
View File

@@ -192,6 +192,7 @@ func decode(r io.Reader, val interface{}) error {
// @security ApiKeyAuth
// @router /jobs/ [get]
func (api *RestApi) getJobs(rw http.ResponseWriter, r *http.Request) {
if user := auth.GetUser(r.Context()); user != nil && !user.HasRole(auth.RoleApi) {
handleError(fmt.Errorf("missing role: %v", auth.GetRoleString(auth.RoleApi)), http.StatusForbidden, rw)
return