Optimizations. User-Role handling in templates and routes.

auth.go

@@ -46,7 +46,7 @@ func hashPassword(password string) (string, error) {
 	return string(hashedPassword), nil
 }
 
-func AuthRequired() gin.HandlerFunc {
+func ReaderAuthRequired() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		auth, okAuth := session.GetAuthenticated(c)
 		username, okUser := session.GetUsername(c)
@@ -60,6 +60,20 @@ func AuthRequired() gin.HandlerFunc {
 	}
 }
 
+func AuthorAuthRequired() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		auth, okAuth := session.GetAuthenticated(c)
+		username, okUser := session.GetUsername(c)
+
+		if !okAuth || !okUser || !auth || !controllers.IsUserEnabled(username) || controllers.GetUserRole(username) == models.ReaderRole {
+			redirectToLogin(c)
+			return
+		}
+
+		c.Next()
+	}
+}
+
 func AdminAuthRequired() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		auth, okAuth := session.GetAuthenticated(c)
@@ -74,14 +88,6 @@ func AdminAuthRequired() gin.HandlerFunc {
 	}
 }
 
-func isUserAdmin(c *gin.Context) bool {
-	username, ok := session.GetUsername(c)
-	if !ok {
-		return false
-	}
-	return controllers.IsUserAdmin(username)
-}
-
 func redirectToLogin(c *gin.Context) {
 	if err := session.InvalidateSession(c); err != nil {
 		log.Fatal(err)