From 5614adc762adc2e94a9bf2d6d69fef46570ae376 Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Thu, 6 Mar 2025 20:44:21 +0800
Subject: http: Check for direct user access

---
 http_handle_group_index.go | 15 +++++++++++++++
 http_server.go             |  5 +++--
 templates/_header.tmpl     |  4 ++--
 3 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/http_handle_group_index.go b/http_handle_group_index.go
index 438729b..e235006 100644
--- a/http_handle_group_index.go
+++ b/http_handle_group_index.go
@@ -61,6 +61,20 @@ func handle_group_index(w http.ResponseWriter, r *http.Request, params map[strin
 		return
 	}
 
+	// ACL
+	var count int
+	err = database.QueryRow(r.Context(), `
+		SELECT COUNT(*)
+		FROM user_group_roles
+		WHERE user_id = $1
+			AND group_id = $2
+	`, params["user_id"].(int), group_id).Scan(&count)
+	if err != nil {
+		http.Error(w, "Error checking access: "+err.Error(), http.StatusInternalServerError)
+		return
+	}
+	direct_access := (count > 0)
+
 	// Repos
 	var rows pgx.Rows
 	rows, err = database.Query(r.Context(), `
@@ -115,6 +129,7 @@ func handle_group_index(w http.ResponseWriter, r *http.Request, params map[strin
 	params["repos"] = repos
 	params["subgroups"] = subgroups
 	params["description"] = group_description
+	params["direct_access"] = direct_access
 
 	fmt.Println(group_path)
 
diff --git a/http_server.go b/http_server.go
index 199a3c5..0dc324d 100644
--- a/http_server.go
+++ b/http_server.go
@@ -56,6 +56,7 @@ func (router *http_router_t) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	params["global"] = global_data
 	var _user_id int // 0 for none
 	_user_id, params["username"], err = get_user_info_from_request(r)
+	params["user_id"] = _user_id
 	if errors.Is(err, http.ErrNoCookie) {
 	} else if errors.Is(err, pgx.ErrNoRows) {
 	} else if err != nil {
@@ -64,9 +65,9 @@ func (router *http_router_t) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if _user_id == 0 {
-		params["user_id"] = ""
+		params["user_id_string"] = ""
 	} else {
-		params["user_id"] = strconv.Itoa(_user_id)
+		params["user_id_string"] = strconv.Itoa(_user_id)
 	}
 
 	if segments[0] == ":" {
diff --git a/templates/_header.tmpl b/templates/_header.tmpl
index 9fb0e75..0100b7d 100644
--- a/templates/_header.tmpl
+++ b/templates/_header.tmpl
@@ -8,8 +8,8 @@
 		<a href="/">{{ .global.forge_title }}</a>
 	</div>
 	<div id="main-header-user">
-		{{ if ne .user_id "" }}
-			<a href="/:/users/{{ .user_id }}">{{ .username }}</a>
+		{{ if ne .user_id_string "" }}
+			<a href="/:/users/{{ .user_id_string }}">{{ .username }}</a>
 		{{ else }}
 			<a href="/:/login/">Login</a>
 		{{ end }}
-- 
cgit v1.2.3