github.com/quickfeed/quickfeed@v0.0.0-20240507093252-ed8ca812a09c/web/access_control.go

github.com/quickfeed/quickfeed@v0.0.0-20240507093252-ed8ca812a09c/web/access_control.go (about)

     1  package web
     2  
     3  import (
     4  	"context"
     5  
     6  	"github.com/quickfeed/quickfeed/qf"
     7  	"github.com/quickfeed/quickfeed/web/auth"
     8  )
     9  
    10  func userID(ctx context.Context) uint64 {
    11  	claims, ok := auth.ClaimsFromContext(ctx)
    12  	if !ok {
    13  		return 0
    14  	}
    15  	return claims.UserID
    16  }
    17  
    18  // hasCourseAccess returns true if the given user has access to the given course,
    19  // as defined by the check function.
    20  func (s *QuickFeedService) hasCourseAccess(userID, courseID uint64, check func(*qf.Enrollment) bool) bool {
    21  	enrollment, err := s.db.GetEnrollmentByCourseAndUser(courseID, userID)
    22  	if err != nil {
    23  		s.logger.Error(err)
    24  		return false
    25  	}
    26  	s.logger.Debugf("(user=%d, course=%d) has enrollment status %+v", userID, courseID, enrollment.GetStatus())
    27  	return check(enrollment)
    28  }
    29  
    30  // isTeacher returns true if the given user is teacher for the given course.
    31  func (s *QuickFeedService) isTeacher(userID, courseID uint64) bool {
    32  	return s.hasCourseAccess(userID, courseID, func(e *qf.Enrollment) bool {
    33  		return e.Status == qf.Enrollment_TEACHER
    34  	})
    35  }
    36  
    37  // isCourseCreator returns true if the given user is course creator for the given course.
    38  func (s *QuickFeedService) isCourseCreator(courseID, userID uint64) bool {
    39  	course, _ := s.db.GetCourse(courseID, false)
    40  	return course.GetCourseCreatorID() == userID
    41  }