Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-23 15:29:42 +02:00
Code Issues Releases Activity

chore(handlers): replace structs by functions for HTTP errors EE-4227 (#7664)

Browse source
This commit is contained in:
andres-portainer 2022-09-14 20:42:39 -03:00 committed by GitHub
parent 7accdf704c
commit 9ef5636718
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
157 changed files with 1123 additions and 1147 deletions
Download patch file Download diff file Expand all files Collapse all files

10
api/http/handler/webhooks/handler.go
View file

@ -42,12 +42,12 @@ func NewHandler(bouncer *security.RequestBouncer) *Handler {
func (handler *Handler) checkResourceAccess(r *http.Request, resourceID string, resourceControlType portainer.ResourceControlType) *httperror.HandlerError {
securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil {
return &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to retrieve user info from request context", Err: err}
return httperror.InternalServerError("Unable to retrieve user info from request context", err)
}
// non-admins
rc, err := handler.DataStore.ResourceControl().ResourceControlByResourceIDAndType(resourceID, resourceControlType)
if rc == nil || err != nil {
return &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to retrieve a resource control associated to the resource", Err: err}
return httperror.InternalServerError("Unable to retrieve a resource control associated to the resource", err)
}
userTeamIDs := make([]portainer.TeamID, 0)
for _, membership := range securityContext.UserMemberships {
@ -63,18 +63,18 @@ func (handler *Handler) checkResourceAccess(r *http.Request, resourceID string,
func (handler *Handler) checkAuthorization(r *http.Request, endpoint *portainer.Endpoint, authorizations []portainer.Authorization) (bool, *httperror.HandlerError) {
err := handler.requestBouncer.AuthorizedEndpointOperation(r, endpoint)
if err != nil {
return false, &httperror.HandlerError{StatusCode: http.StatusForbidden, Message: "Permission denied to access environment", Err: err}
return false, httperror.Forbidden("Permission denied to access environment", err)
}
securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil {
return false, &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to retrieve user info from request context", Err: err}
return false, httperror.InternalServerError("Unable to retrieve user info from request context", err)
}
authService := authorization.NewService(handler.DataStore)
isAdminOrAuthorized, err := authService.UserIsAdminOrAuthorized(securityContext.UserID, endpoint.ID, authorizations)
if err != nil {
return false, &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to get user authorizations", Err: err}
return false, httperror.InternalServerError("Unable to get user authorizations", err)
}
return isAdminOrAuthorized, nil
}