🩹 Only allow eligible voters to vote
This commit is contained in:
Brian Wiborg
parent
538f640538
commit
116eb4604a
1 changed files with 20 additions and 1 deletions
21
http/main.go
21
http/main.go
|
|
@ -114,6 +114,9 @@ func handleVote(ctx echo.Context) error {
|
|||
if time.Now().UTC().After(v.Deadline()) {
|
||||
return ctx.Redirect(http.StatusFound, fmt.Sprintf("/v/%s", vid))
|
||||
}
|
||||
if !eligible(elector, v.Electors()) {
|
||||
return ctx.String(http.StatusForbidden, "")
|
||||
}
|
||||
if c, err = vote.ChoiceFromString(choice); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -127,10 +130,26 @@ func handleVote(ctx echo.Context) error {
|
|||
func handleShowVoting(ctx echo.Context) error {
|
||||
v, err := store.GetVoting(ctx.Param("id"))
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return err
|
||||
}
|
||||
if v.Deadline().After(time.Now().UTC()) {
|
||||
if !eligible(ctx.Request().Header.Get("X-Remote-User"), v.Electors()) {
|
||||
return ctx.String(http.StatusForbidden, "")
|
||||
}
|
||||
}
|
||||
return ctx.Render(http.StatusOK, "voting", map[string]interface{}{
|
||||
"Voting": v,
|
||||
})
|
||||
}
|
||||
|
||||
func eligible(e string, electors []string) bool {
|
||||
if electors == nil || len(electors) == 0 {
|
||||
return true
|
||||
}
|
||||
for _, _e := range electors {
|
||||
if strings.ToLower(_e) == strings.ToLower(e) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue