github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/auth/check_admin_handler.go (about) 1 package auth 2 3 import ( 4 "net/http" 5 6 "github.com/pf-qiu/concourse/v6/atc/api/accessor" 7 ) 8 9 type checkAdminHandler struct { 10 handler http.Handler 11 rejector Rejector 12 } 13 14 func CheckAdminHandler( 15 handler http.Handler, 16 rejector Rejector, 17 ) http.Handler { 18 return checkAdminHandler{ 19 handler: handler, 20 rejector: rejector, 21 } 22 } 23 24 func (h checkAdminHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 25 acc := accessor.GetAccessor(r) 26 if acc.IsAuthenticated() { 27 if acc.IsAdmin() { 28 h.handler.ServeHTTP(w, r) 29 } else { 30 h.rejector.Forbidden(w, r) 31 } 32 } else { 33 h.rejector.Unauthorized(w, r) 34 } 35 }