Refactor - Extract auth-related ("api" package) function into a higher level

module. Prepare for function to be used by multiple modules.

Refactor - Extract auth-related ("api" package) function into a higher level
fc8a5fcb · mattc · 6ddbaecd · fc8a5fcb · fc8a5fcb
Commit fc8a5fcb authored 3 years ago by mattc
--- a/api/auth.go
+++ b/api/auth.go
@@ -113,3 +113,15 @@ func RepoAdminRoute(next func(r *http.Request, rctx rcontext.RequestContext, use
 		return regularFunc(r, rctx)
 	}
 }
+
+func GetRequestUserAdminStatus(r *http.Request, rctx rcontext.RequestContext, user UserInfo) (bool, bool) {
+	isGlobalAdmin := util.IsGlobalAdmin(user.UserId) || user.IsShared
+	isLocalAdmin, err := matrix.IsUserAdmin(rctx, r.Host, user.AccessToken, r.RemoteAddr)
+	if err != nil {
+		sentry.CaptureException(err)
+		rctx.Log.Error("Error verifying local admin: " + err.Error())
+		return isGlobalAdmin, false
+	}
+
+	return isGlobalAdmin, isLocalAdmin
+}
--- a/api/custom/purge.go
+++ b/api/custom/purge.go
@@ -48,7 +48,7 @@ func PurgeRemoteMedia(r *http.Request, rctx rcontext.RequestContext, user api.Us
 }

 func PurgeIndividualRecord(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) interface{} {
-	isGlobalAdmin, isLocalAdmin := getPurgeRequestInfo(r, rctx, user)
+	isGlobalAdmin, isLocalAdmin := api.GetRequestUserAdminStatus(r, rctx, user)
 	localServerName := r.Host

 	params := mux.Vars(r)
@@ -98,7 +98,7 @@ func PurgeIndividualRecord(r *http.Request, rctx rcontext.RequestContext, user a
 }

 func PurgeQuarantined(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) interface{} {
-	isGlobalAdmin, isLocalAdmin := getPurgeRequestInfo(r, rctx, user)
+	isGlobalAdmin, isLocalAdmin := api.GetRequestUserAdminStatus(r, rctx, user)
 	localServerName := r.Host

 	var affected []*types.Media
@@ -168,7 +168,7 @@ func PurgeOldMedia(r *http.Request, rctx rcontext.RequestContext, user api.UserI
 }

 func PurgeUserMedia(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) interface{} {
-	isGlobalAdmin, isLocalAdmin := getPurgeRequestInfo(r, rctx, user)
+	isGlobalAdmin, isLocalAdmin := api.GetRequestUserAdminStatus(r, rctx, user)
 	if !isGlobalAdmin && !isLocalAdmin {
 		return api.AuthFailed()
 	}
@@ -220,7 +220,7 @@ func PurgeUserMedia(r *http.Request, rctx rcontext.RequestContext, user api.User
 }

 func PurgeRoomMedia(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) interface{} {
-	isGlobalAdmin, isLocalAdmin := getPurgeRequestInfo(r, rctx, user)
+	isGlobalAdmin, isLocalAdmin := api.GetRequestUserAdminStatus(r, rctx, user)
 	if !isGlobalAdmin && !isLocalAdmin {
 		return api.AuthFailed()
 	}
@@ -300,7 +300,7 @@ func PurgeRoomMedia(r *http.Request, rctx rcontext.RequestContext, user api.User
 }

 func PurgeDomainMedia(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) interface{} {
-	isGlobalAdmin, isLocalAdmin := getPurgeRequestInfo(r, rctx, user)
+	isGlobalAdmin, isLocalAdmin := api.GetRequestUserAdminStatus(r, rctx, user)
 	if !isGlobalAdmin && !isLocalAdmin {
 		return api.AuthFailed()
 	}
@@ -343,15 +343,3 @@ func PurgeDomainMedia(r *http.Request, rctx rcontext.RequestContext, user api.Us

 	return &api.DoNotCacheResponse{Payload: map[string]interface{}{"purged": true, "affected": mxcs}}
 }
-
-func getPurgeRequestInfo(r *http.Request, rctx rcontext.RequestContext, user api.UserInfo) (bool, bool) {
-	isGlobalAdmin := util.IsGlobalAdmin(user.UserId) || user.IsShared
-	isLocalAdmin, err := matrix.IsUserAdmin(rctx, r.Host, user.AccessToken, r.RemoteAddr)
-	if err != nil {
-		sentry.CaptureException(err)
-		rctx.Log.Error("Error verifying local admin: " + err.Error())
-		return isGlobalAdmin, false
-	}
-
-	return isGlobalAdmin, isLocalAdmin
-}