Alex/GoMembership
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

added missing ! to hasprivilige lol

Browse Source
This commit is contained in:
Alex
2025-03-01 14:40:00 +01:00
parent 2342ce24de
commit c28354ed2d
3 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/hooks.server.js
View File

@@ -3,8 +3,6 @@ import { refreshCookie, userDatesFromRFC3339 } from '$lib/utils/helpers';
/** @type {import('@sveltejs/kit').Handle} */
export async function handle({ event, resolve }) {
console.log('BaseApiUrl:', `${BASE_API_URI}`);
console.log('System operates in ', import.meta.env.MODE);
if (event.locals.user) {
// if there is already a user in session load page as normal
console.log('user is logged in');

9
frontend/src/routes/auth/admin/users/+layout.server.js
View File

@@ -20,10 +20,6 @@ export async function load({ cookies, fetch, locals }) {
}
const data = await response.json();
// Check if the server sent a new token
const newToken = response.headers.get('Set-Cookie');
refreshCookie(newToken, cookies);
/** @type {App.Locals['users']}*/
const users = data.users;
@@ -32,6 +28,11 @@ export async function load({ cookies, fetch, locals }) {
});
locals.users = users;
// Check if the server sent a new token
const newToken = response.headers.get('Set-Cookie');
refreshCookie(newToken, cookies);
return {
subscriptions: locals.subscriptions,
licence_categories: locals.licence_categories,

4
go-backend/internal/controllers/user_controller.go
View File

@@ -51,8 +51,8 @@ func (uc *UserController) GetAllUsers(c *gin.Context) {
utils.RespondWithError(c, err, "Error extracting user from context in UpdateHandler", http.StatusBadRequest, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
return
}
if utils.HasPrivilige(requestUser, constants.Priviliges.View) {
utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to update user", http.StatusForbidden, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
if !utils.HasPrivilige(requestUser, constants.Priviliges.View) {
utils.RespondWithError(c, errors.ErrNotAuthorized, fmt.Sprintf("Not allowed to handle all users. RoleID(%v)<Privilige(%v)", requestUser.RoleID, constants.Priviliges.View), http.StatusForbidden, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
return
}