mirror of
https://github.com/portainer/portainer.git
synced 2025-07-19 05:19:39 +02:00
014a590704
Some checks are pending
ci / build_images (map[arch:ppc64le platform:linux version:]) (push) Waiting to run
ci / build_images (map[arch:s390x platform:linux version:]) (push) Waiting to run
ci / build_images (map[arch:amd64 platform:linux version:]) (push) Waiting to run
ci / build_images (map[arch:amd64 platform:windows version:1809]) (push) Waiting to run
ci / build_images (map[arch:amd64 platform:windows version:ltsc2022]) (push) Waiting to run
ci / build_images (map[arch:arm platform:linux version:]) (push) Waiting to run
ci / build_images (map[arch:arm64 platform:linux version:]) (push) Waiting to run
ci / build_manifests (push) Blocked by required conditions
/ triage (push) Waiting to run
Lint / Run linters (push) Waiting to run
Test / test-client (push) Waiting to run
Test / test-server (map[arch:amd64 platform:linux]) (push) Waiting to run
Test / test-server (map[arch:amd64 platform:windows version:1809]) (push) Waiting to run
Test / test-server (map[arch:amd64 platform:windows version:ltsc2022]) (push) Waiting to run
Test / test-server (map[arch:arm64 platform:linux]) (push) Waiting to run
66 lines
2 KiB
Go
66 lines
2 KiB
Go
package security
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"net/http"
|
|
|
|
portainer "github.com/portainer/portainer/api"
|
|
"github.com/portainer/portainer/api/dataservices"
|
|
)
|
|
|
|
type (
|
|
contextKey int
|
|
)
|
|
|
|
const (
|
|
contextAuthenticationKey contextKey = iota
|
|
contextRestrictedRequest
|
|
)
|
|
|
|
// StoreTokenData stores a TokenData object inside the request context and returns the enhanced context.
|
|
func StoreTokenData(request *http.Request, tokenData *portainer.TokenData) context.Context {
|
|
return context.WithValue(request.Context(), contextAuthenticationKey, tokenData)
|
|
}
|
|
|
|
// RetrieveTokenData returns the TokenData object stored in the request context.
|
|
func RetrieveTokenData(request *http.Request) (*portainer.TokenData, error) {
|
|
contextData := request.Context().Value(contextAuthenticationKey)
|
|
if contextData == nil {
|
|
return nil, errors.New("Unable to find JWT data in request context")
|
|
}
|
|
|
|
tokenData := contextData.(*portainer.TokenData)
|
|
return tokenData, nil
|
|
}
|
|
|
|
// StoreRestrictedRequestContext stores a RestrictedRequestContext object inside the request context
|
|
// and returns the enhanced context.
|
|
func StoreRestrictedRequestContext(request *http.Request, requestContext *RestrictedRequestContext) context.Context {
|
|
return context.WithValue(request.Context(), contextRestrictedRequest, requestContext)
|
|
}
|
|
|
|
// RetrieveRestrictedRequestContext returns the RestrictedRequestContext object stored in the request context.
|
|
func RetrieveRestrictedRequestContext(request *http.Request) (*RestrictedRequestContext, error) {
|
|
contextData := request.Context().Value(contextRestrictedRequest)
|
|
if contextData == nil {
|
|
return nil, errors.New("Unable to find security details in request context")
|
|
}
|
|
|
|
requestContext := contextData.(*RestrictedRequestContext)
|
|
return requestContext, nil
|
|
}
|
|
|
|
func RetrieveUserFromRequest(r *http.Request, tx dataservices.DataStoreTx) (*portainer.User, error) {
|
|
rrc, err := RetrieveRestrictedRequestContext(r)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
user, err := tx.User().Read(rrc.UserID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return user, nil
|
|
}
|