Update apiHandler.go
Cette révision appartient à :
Parent
66b94eb360
révision
2f2d03667c
1 fichiers modifiés avec 16 ajouts et 4 suppressions
|
@ -96,13 +96,19 @@ func ApiViewHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if config.UploadsDisabled {
|
||||
user := model.User{}
|
||||
if config.UploadsDisabled && config.AdminsAreStillAllowedTo && user.Status != 2 && config.TrustedUsersAreStillAllowedTo && user.Status != 1 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusBadRequest)
|
||||
return
|
||||
} else if config.UploadsDisabled && !config.AdminsAreStillAllowedTo && user.Status == 2 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusBadRequest)
|
||||
return
|
||||
} else if config.UploadsDisabled && !config.TrustedUsersAreStillAllowedTo && user.Status == 1 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
token := r.Header.Get("Authorization")
|
||||
user := model.User{}
|
||||
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
|
||||
if user.ID == 0 {
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusUnauthorized)
|
||||
|
@ -173,7 +179,14 @@ func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if config.UploadsDisabled {
|
||||
user := model.User{}
|
||||
if config.UploadsDisabled && config.AdminsAreStillAllowedTo && user.Status != 2 && config.TrustedUsersAreStillAllowedTo && user.Status != 1 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusInternalServerError)
|
||||
return
|
||||
} else if config.UploadsDisabled && !config.AdminsAreStillAllowedTo && user.Status == 2 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusInternalServerError)
|
||||
return
|
||||
} else if config.UploadsDisabled && !config.TrustedUsersAreStillAllowedTo && user.Status == 1 {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
@ -181,7 +194,6 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
|||
contentType := r.Header.Get("Content-Type")
|
||||
if contentType == "application/json" {
|
||||
token := r.Header.Get("Authorization")
|
||||
user := model.User{}
|
||||
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
|
||||
if user.ID == 0 {
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
|
||||
|
|
Référencer dans un nouveau ticket