package userPermission
import (
"errors"
"net/http"
"github.com/ewhal/nyaa/model"
"github.com/ewhal/nyaa/service/user"
"github.com/ewhal/nyaa/util/log"
)
// HasAdmin checks that user has an admin permission.
func HasAdmin(user *model.User) bool {
name := "admin"
for _, role := range user.Roles {
log.Debugf("HasAdmin role.Name : %s", role.Name)
if role.Name == name {
return true
}
return false
// CurrentOrAdmin check that user has admin permission or user is the current user.
func CurrentOrAdmin(user *model.User, userId uint) bool {
log.Debugf("user.Id == userId %d %d %s", user.Id, userId, user.Id == userId)
return (HasAdmin(user) || user.Id == userId)
// CurrentUserIdentical check that userId is same as current user's Id.
func CurrentUserIdentical(r *http.Request, userId uint) (bool, error) {
currentUser, err := userService.CurrentUser(r)
if err != nil {
return false, errors.New("Auth failed.")
if currentUser.Id != userId {
return false, errors.New("User is not identical.")
return true, nil
