From 028ef2a7960c616e62144e0869f086c1869027e4 Mon Sep 17 00:00:00 2001
From: Tobias de Bruijn
Date: Wed, 11 Sep 2024 00:04:10 +0200
Subject: [PATCH] Fix admin authorization
---
 .github/workflows/release.yml | 0
 frontend/src/layouts/components/AppBar.vue | 1 -
 server/src/server/types/authorization.rs | 35 +++++++++++++++++-----
 3 files changed, 27 insertions(+), 9 deletions(-)
 create mode 100644 .github/workflows/release.yml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..e69de29
diff --git a/frontend/src/layouts/components/AppBar.vue b/frontend/src/layouts/components/AppBar.vue
index fd23a39..051a8de 100644
--- a/frontend/src/layouts/components/AppBar.vue
+++ b/frontend/src/layouts/components/AppBar.vue
@@ -37,7 +37,6 @@
diff --git a/server/src/server/types/authorization.rs b/server/src/server/types/authorization.rs
index 58a5575..878f02d 100644
--- a/server/src/server/types/authorization.rs
+++ b/server/src/server/types/authorization.rs
@@ -35,14 +35,17 @@ impl FromRequest for Authorization {
 fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
 let req = req.clone();
 Box::pin(async move {
- if !Self::ADMIN {
- // We do not want authorization where admin rights aren't needed
- return Ok(Self { is_admin: false });
- }
-
 let token = match get_token(&req) {
 Some(token) => token,
- None => return Err(AuthorizationError::NoToken),
+ None => {
+ return if Self::ADMIN {
+ Err(AuthorizationError::NoToken)
+ } else {
+ Ok(Self {
+ is_admin: false,
+ })
+ }
+ },
 };
 let config: &WConfig = req.app_data().unwrap();
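Review bot: The fallback `if Self::ADMIN { Err(..) } else { Ok(Self { is_admin: false }) }` added in the `None` arm here is written out again in both arms of the `e.status()` match in the second hunk of this file, so the reject-or-continue decision for unauthenticated requests now lives in three places. A single associated function would keep that decision in one spot and carry a doc comment that replaces the removed `// We do not want authorization…` explanation. The sketch below assumes the extractor's error type is `AuthorizationError` and that the helper sits in an inherent impl outside this hunk. Separately, with the early return removed, the context line `req.app_data().unwrap()` is now reached on non-admin routes whenever a token is sent, so a missing `WConfig` registration would panic there too. The body of `from_request` continues past the end of the hunk.

```rust
/// Outcome for a request that could not be authenticated: admin-only
/// extractors reject it with `err`, optional ones continue as a
/// non-admin caller. Never yields `is_admin: true`.
fn unauthenticated(err: AuthorizationError) -> Result<Self, AuthorizationError> {
    if Self::ADMIN {
        Err(err)
    } else {
        Ok(Self { is_admin: false })
    }
}

// … unchanged: start of from_request …
let token = match get_token(&req) {
    Some(token) => token,
    None => return Self::unauthenticated(AuthorizationError::NoToken),
};
```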
@@ -58,8 +61,24 @@ impl FromRequest for Authorization {
 Ok(userinfo) => userinfo,
 Err(e) => {
 return match e.status() {
- Some(StatusCode::UNAUTHORIZED) => Err(AuthorizationError::NoToken),
- _ => Err(AuthorizationError::Koala),
+ Some(StatusCode::UNAUTHORIZED) => {
+ if Self::ADMIN {
+ Err(AuthorizationError::NoToken)
+ } else {
+ Ok(Self {
+ is_admin: false,
+ })
+ }
+ },
+ _ => {
+ if Self::ADMIN {
+ Err(AuthorizationError::Koala)
+ } else {
+ Ok(Self {
+ is_admin: false,
+ })
+ }
+ },
 }
 }
 };
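Review bot: In the `_` arm, every non-401 failure of the userinfo lookup (presumably timeouts, upstream 5xx responses and transport errors) becomes `Ok(Self { is_admin: false })` for non-admin extractors, and `e` is dropped without being recorded. That fails closed for privilege, which is the right direction, but an identity-provider outage or a rejected token is then indistinguishable from an anonymous visitor, both to the handler and in the logs. Consider logging `e` at warning level before the fallback in both arms, and adding a comment such as `// Optional auth: treat lookup failures as anonymous, never as admin`. The enclosing `match` on the lookup result starts before this hunk.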