baccenfutter/govote
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

🩹 Only allow eligible voters to vote

Browse source
This commit is contained in:
Brian Wiborg 2024-05-13 01:27:01 +02:00
parent 538f640538
commit 116eb4604a
No known key found for this signature in database
GPG key ID: BE53FA9286B719D6
1 changed files with 20 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
http/main.go
View file

@ -114,6 +114,9 @@ func handleVote(ctx echo.Context) error {
if time.Now().UTC().After(v.Deadline()) { if time.Now().UTC().After(v.Deadline()) {
return ctx.Redirect(http.StatusFound, fmt.Sprintf("/v/%s", vid)) return ctx.Redirect(http.StatusFound, fmt.Sprintf("/v/%s", vid))
} }
if !eligible(elector, v.Electors()) {
return ctx.String(http.StatusForbidden, "")
}
if c, err = vote.ChoiceFromString(choice); err != nil { if c, err = vote.ChoiceFromString(choice); err != nil {
return err return err
} }
@ -127,10 +130,26 @@ func handleVote(ctx echo.Context) error {
func handleShowVoting(ctx echo.Context) error { func handleShowVoting(ctx echo.Context) error {
v, err := store.GetVoting(ctx.Param("id")) v, err := store.GetVoting(ctx.Param("id"))
if err != nil { if err != nil {
fmt.Println(err)
return err return err
} }
if v.Deadline().After(time.Now().UTC()) {
if !eligible(ctx.Request().Header.Get("X-Remote-User"), v.Electors()) {
return ctx.String(http.StatusForbidden, "")
}
}
return ctx.Render(http.StatusOK, "voting", map[string]interface{}{ return ctx.Render(http.StatusOK, "voting", map[string]interface{}{
"Voting": v, "Voting": v,
}) })
} }
func eligible(e string, electors []string) bool {
if electors == nil || len(electors) == 0 {
return true
}
for _, _e := range electors {
if strings.ToLower(_e) == strings.ToLower(e) {
return true
}
}
return false
}