package web import ( "net/http" "strconv" "github.com/astaxie/session" "github.com/jinzhu/gorm" "github.com/julienschmidt/httprouter" libapi "dev.sum7.de/sum7/warehost/lib/api" log "dev.sum7.de/sum7/warehost/lib/log" libsystem "dev.sum7.de/sum7/warehost/system" ) // Handle to handle request with session and current logged in user type Handle func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, id int64) (interface{}, *libapi.ErrorResult) //InvolveWebsiteHandler for api function to Verifie User ist loggedin func InvolveWebsiteHandler(h Handle, sessions *session.Manager, dbconnection *gorm.DB) httprouter.Handle { return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { sess := sessions.SessionStart(w, r) err := &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"} var data interface{} data = false if login := sess.Get("login"); login != nil { if loginObj := login.(libsystem.Login); loginObj.Active { id, errI := strconv.ParseInt(ps.ByName("websiteid"), 10, 64) if errI != nil { err = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"} log.Log.Warn("invalid websiteid, no integer") } else { res := dbconnection.Where(map[string]int64{"website": id, "login": loginObj.ID}).Find(&Manager{}) if !res.RecordNotFound() { data, err = h(w, r, ps, sess, &loginObj, id) } else { err = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"} log.Log.Info("no Permissions") } } } else { log.Log.Warn("user not active") } } else { log.Log.Warn("not loggedin") } libapi.JSONOutput(w, r, sess, data, err) } }