dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-06-17 21:41:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: fix admin guard to really check for admin role

Browse source
This commit is contained in:
EETagent 2022-11-05 17:43:13 +01:00
parent 5ef966341f
commit 1073fd4d72
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
api/src/guards/request/auth/admin.rs
View file

@ -30,7 +30,13 @@ impl<'r> FromRequest<'r> for AdminAuth {
let session = AdminService::auth(conn, uuid).await;
match session {
Ok(model) => Outcome::Success(AdminAuth(model)),
Ok(model) => {
if model.is_admin {
Outcome::Success(AdminAuth(model))
} else {
Outcome::Failure((Status::Forbidden, None))
}
},
Err(e) => Outcome::Failure(
(Status::from_code(e.code()).unwrap_or(Status::InternalServerError), None)
),