mirror of
https://github.com/danbulant/Portfolio
synced 2026-07-05 11:00:56 +00:00
fix: fix admin guard to really check for admin role
This commit is contained in:
parent
5ef966341f
commit
1073fd4d72
1 changed files with 7 additions and 1 deletions
|
|
@ -30,7 +30,13 @@ impl<'r> FromRequest<'r> for AdminAuth {
|
||||||
let session = AdminService::auth(conn, uuid).await;
|
let session = AdminService::auth(conn, uuid).await;
|
||||||
|
|
||||||
match session {
|
match session {
|
||||||
Ok(model) => Outcome::Success(AdminAuth(model)),
|
Ok(model) => {
|
||||||
|
if model.is_admin {
|
||||||
|
Outcome::Success(AdminAuth(model))
|
||||||
|
} else {
|
||||||
|
Outcome::Failure((Status::Forbidden, None))
|
||||||
|
}
|
||||||
|
},
|
||||||
Err(e) => Outcome::Failure(
|
Err(e) => Outcome::Failure(
|
||||||
(Status::from_code(e.code()).unwrap_or(Status::InternalServerError), None)
|
(Status::from_code(e.code()).unwrap_or(Status::InternalServerError), None)
|
||||||
),
|
),
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue