init
This commit is contained in:
74
internal/app/handlers_access.go
Normal file
74
internal/app/handlers_access.go
Normal file
@@ -0,0 +1,74 @@
|
||||
package app
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/yourorg/ntfywui/internal/store"
|
||||
)
|
||||
|
||||
func (s *Server) handleAccess(w http.ResponseWriter, r *http.Request) {
|
||||
admin, _ := s.currentAdmin(r)
|
||||
switch r.Method {
|
||||
case http.MethodGet:
|
||||
users, err := s.ntfy.ListUsers(s.ntfyCtx(r))
|
||||
if err != nil {
|
||||
s.renderer.Render(w, "error.html", PageData{Title: "Fehler", Admin: admin.Username, Role: string(admin.Role), Error: err.Error()})
|
||||
return
|
||||
}
|
||||
csrf, _ := s.csrfEnsure(w, r)
|
||||
flash := s.popFlash(w, r)
|
||||
s.renderer.Render(w, "access.html", PageData{
|
||||
Title: "Access",
|
||||
Admin: admin.Username,
|
||||
Role: string(admin.Role),
|
||||
CSRF: csrf,
|
||||
Flash: flash,
|
||||
Users: users,
|
||||
})
|
||||
case http.MethodPost:
|
||||
if !roleAtLeast(admin.Role, store.RoleOperator) {
|
||||
http.Error(w, "forbidden", http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
_ = r.ParseForm()
|
||||
action := r.Form.Get("action")
|
||||
username := cleanUser(r.Form.Get("username"))
|
||||
switch action {
|
||||
case "grant":
|
||||
topic := cleanTopic(r.Form.Get("topic"))
|
||||
perm := strings.TrimSpace(r.Form.Get("perm"))
|
||||
if username == "" || topic == "" || perm == "" {
|
||||
s.setFlash(w, r, "Username, Topic und Permission sind erforderlich")
|
||||
http.Redirect(w, r, s.abs("/access"), http.StatusFound)
|
||||
return
|
||||
}
|
||||
if err := s.ntfy.GrantAccess(s.ntfyCtx(r), username, topic, perm); err != nil {
|
||||
s.setFlash(w, r, "Fehler: "+err.Error())
|
||||
http.Redirect(w, r, s.abs("/access"), http.StatusFound)
|
||||
return
|
||||
}
|
||||
s.auditEvent(r, "ntfy_access_grant", username, map[string]string{"topic": topic, "perm": perm})
|
||||
s.setFlash(w, r, "Access gesetzt")
|
||||
http.Redirect(w, r, s.abs("/users/"+username), http.StatusFound)
|
||||
case "reset":
|
||||
if username == "" {
|
||||
s.setFlash(w, r, "Username erforderlich")
|
||||
http.Redirect(w, r, s.abs("/access"), http.StatusFound)
|
||||
return
|
||||
}
|
||||
if err := s.ntfy.ResetAccess(s.ntfyCtx(r), username); err != nil {
|
||||
s.setFlash(w, r, "Fehler: "+err.Error())
|
||||
http.Redirect(w, r, s.abs("/access"), http.StatusFound)
|
||||
return
|
||||
}
|
||||
s.auditEvent(r, "ntfy_access_reset", username, nil)
|
||||
s.setFlash(w, r, "Access reset")
|
||||
http.Redirect(w, r, s.abs("/users/"+username), http.StatusFound)
|
||||
default:
|
||||
http.Error(w, "bad request", http.StatusBadRequest)
|
||||
}
|
||||
default:
|
||||
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user