github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/auth/check_authorization_handler.go (about) 1 package auth 2 3 import ( 4 "net/http" 5 6 "github.com/pf-qiu/concourse/v6/atc/api/accessor" 7 ) 8 9 type checkAuthorizationHandler struct { 10 handler http.Handler 11 rejector Rejector 12 } 13 14 func CheckAuthorizationHandler( 15 handler http.Handler, 16 rejector Rejector, 17 ) http.Handler { 18 return checkAuthorizationHandler{ 19 handler: handler, 20 rejector: rejector, 21 } 22 } 23 24 func (h checkAuthorizationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 25 acc := accessor.GetAccessor(r) 26 27 if !acc.IsAuthenticated() { 28 h.rejector.Unauthorized(w, r) 29 return 30 } 31 32 teamName := r.URL.Query().Get(":team_name") 33 34 if !acc.IsAuthorized(teamName) { 35 h.rejector.Forbidden(w, r) 36 return 37 } 38 39 h.handler.ServeHTTP(w, r) 40 }