Refactored user/volunteer/participant identity.

Pen Anderson 2026-03-10 14:08:00 -05:00
parent e640bf8bed
commit 883ebd584f
28 changed files with 450 additions and 265 deletions


@ -17,7 +17,7 @@ func (app *App) handleListShifts(w http.ResponseWriter, r *http.Request) {
}
claims := claimsFromContext(r)
if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
deptID = &claims.DeptIDs[0]
}
@ -40,7 +40,7 @@ func (app *App) handleCreateShift(w http.ResponseWriter, r *http.Request) {
return
}
claims := claimsFromContext(r)
if claims.Role == "colead" && !inSlice(s.DepartmentID, claims.DeptIDs) {
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && !inSlice(s.DepartmentID, claims.DeptIDs) {
writeError(w, "forbidden: outside your department", http.StatusForbidden)
return
}
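Review bot: The department check in handleCreateShift only runs when the caller holds `colead` and lacks `admin`/`staffing`, so a caller whose `claims.Roles` holds none of the three (or is empty) skips it and falls through to the create path. The same condition gates the check in handleUpdateShift and the default filter in handleListShifts. No route-level role gate is visible in these hunks, so the handler should fail closed by itself: `if !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && !inSlice(s.DepartmentID, claims.DeptIDs) {`. Moving from a single `Role` to a `Roles` slice makes mixed and empty role sets possible, so putting the rule in one helper shared by all three handlers would keep the copies from drifting apart. All three function bodies start and end outside the hunks, so later checks may exist that are not shown here.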
@ -65,7 +65,7 @@ func (app *App) handleUpdateShift(w http.ResponseWriter, r *http.Request) {
return
}
claims := claimsFromContext(r)
if claims.Role == "colead" {
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
existing, _ := app.getShift(id)
if existing == nil || !inSlice(existing.DepartmentID, claims.DeptIDs) {
writeError(w, "forbidden: outside your department", http.StatusForbidden)