Browse Source

auth: Fixed incorrect error reporting on permissions mismatching, added ensuring of user in auth.FindUser.

1.0
Gisle Aune 6 years ago
parent
commit
2e5162a29b
  1. 2
      internal/auth/token.go
  2. 19
      internal/auth/user.go

2
internal/auth/token.go

@ -29,7 +29,7 @@ var ErrExpired = errors.New("Claims have already expired")
var ErrWrongUser = errors.New("Key is not valid for this user")
// ErrWrongPermissions is returned by CheckToken if the key cannot claim one or more of its permissions
var ErrWrongPermissions = errors.New("Key is not valid for this user")
var ErrWrongPermissions = errors.New("User does not have these permissions")
// ErrDeletedUser is returned by CheckToken if the key can represent this user, but the user doesn't exist.
var ErrDeletedUser = errors.New("User was not found")

19
internal/auth/user.go

@ -34,6 +34,25 @@ func FindUser(userid string) (User, error) {
user := User{}
err := userCollection.FindId(userid).One(&user)
if err == mgo.ErrNotFound {
user := User{
ID: userid,
Nick: "",
Permissions: []string{
"member",
"log.edit",
"post.edit",
"post.move",
"file.upload",
},
}
err := userCollection.Insert(user)
if err != nil {
return User{}, err
}
}
return user, err
}

Loading…
Cancel
Save