57 lines
1.2 KiB
Go
57 lines
1.2 KiB
Go
package handlers
|
|
|
|
import (
|
|
"context"
|
|
|
|
"git.haelnorr.com/h/oslstats/internal/db"
|
|
"git.haelnorr.com/h/oslstats/internal/rbac"
|
|
"git.haelnorr.com/h/oslstats/internal/roles"
|
|
"github.com/pkg/errors"
|
|
"github.com/uptrace/bun"
|
|
)
|
|
|
|
// shouldGrantAdmin checks if user's Discord ID is in admin list
|
|
func shouldGrantAdmin(user *db.User, cfg *rbac.Config) bool {
|
|
if cfg == nil || user == nil {
|
|
return false
|
|
}
|
|
if user.DiscordID == cfg.AdminDiscordID {
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
// ensureUserHasAdminRole grants admin role if not already granted
|
|
func ensureUserHasAdminRole(ctx context.Context, tx bun.Tx, user *db.User) error {
|
|
if user == nil {
|
|
return errors.New("user cannot be nil")
|
|
}
|
|
|
|
// Check if user already has admin role
|
|
hasAdmin, err := user.HasRole(ctx, tx, roles.Admin)
|
|
if err != nil {
|
|
return errors.Wrap(err, "user.HasRole")
|
|
}
|
|
|
|
if hasAdmin {
|
|
return nil // Already admin
|
|
}
|
|
|
|
// Get admin role
|
|
adminRole, err := db.GetRoleByName(ctx, tx, roles.Admin)
|
|
if err != nil {
|
|
return errors.Wrap(err, "db.GetRoleByName")
|
|
}
|
|
if adminRole == nil {
|
|
return errors.New("admin role not found in database")
|
|
}
|
|
|
|
// Grant admin role
|
|
err = db.AssignRole(ctx, tx, user.ID, adminRole.ID)
|
|
if err != nil {
|
|
return errors.Wrap(err, "db.AssignRole")
|
|
}
|
|
|
|
return nil
|
|
}
|