commit 458a238c3810f0af2829bfc8878240014fd11504
parent 4a2350891a2e9ebc430873fadaac088d0d728361
Author: Daniel GarcĂa <dani-garcia@users.noreply.github.com>
Date: Tue, 17 Jul 2018 11:54:13 +0200
Merge pull request #89 from mprasil/unconfirmed_guard
Add confirmed check to the OrgHeaders request guard
Diffstat:
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/auth.rs b/src/auth.rs
@@ -95,7 +95,7 @@ use rocket::Outcome;
use rocket::request::{self, Request, FromRequest};
use db::DbConn;
-use db::models::{User, UserOrganization, UserOrgType, Device};
+use db::models::{User, UserOrganization, UserOrgType, UserOrgStatus, Device};
pub struct Headers {
pub host: String,
@@ -205,7 +205,13 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
};
let org_user = match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
- Some(user) => user,
+ Some(user) => {
+ if user.status == UserOrgStatus::Confirmed as i32 {
+ user
+ } else {
+ err_handler!("The current user isn't confirmed member of the organization")
+ }
+ }
None => err_handler!("The current user isn't member of the organization")
};
