github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/auth/check_admin_handler.go (about)

     1  package auth
     2  
     3  import (
     4  	"net/http"
     5  
     6  	"github.com/pf-qiu/concourse/v6/atc/api/accessor"
     7  )
     8  
     9  type checkAdminHandler struct {
    10  	handler  http.Handler
    11  	rejector Rejector
    12  }
    13  
    14  func CheckAdminHandler(
    15  	handler http.Handler,
    16  	rejector Rejector,
    17  ) http.Handler {
    18  	return checkAdminHandler{
    19  		handler:  handler,
    20  		rejector: rejector,
    21  	}
    22  }
    23  
    24  func (h checkAdminHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
    25  	acc := accessor.GetAccessor(r)
    26  	if acc.IsAuthenticated() {
    27  		if acc.IsAdmin() {
    28  			h.handler.ServeHTTP(w, r)
    29  		} else {
    30  			h.rejector.Forbidden(w, r)
    31  		}
    32  	} else {
    33  		h.rejector.Unauthorized(w, r)
    34  	}
    35  }