diff --git a/auth/access.go b/auth/access.go index 6d6ac75..d843bbb 100644 --- a/auth/access.go +++ b/auth/access.go @@ -43,10 +43,10 @@ func ACSystem() func(c *gin.Context) { // ACAdmin shorthand for ACMust(ADMIN) func ACAdmin() func(c *gin.Context) { - return ACMust(ADMIN) + return ACMust(SYSTEM, ADMIN) } // ACUser shorthand for ACMust(USER) func ACUser() func(c *gin.Context) { - return ACMust(USER) + return ACMust(SYSTEM, ADMIN, USER) } diff --git a/control/service.go b/control/service.go index e774435..baba32e 100644 --- a/control/service.go +++ b/control/service.go @@ -5,6 +5,7 @@ import ( "strings" "github.com/gin-gonic/gin" + "github.com/spf13/viper" "kumoly.io/kumoly/app/auth" "kumoly.io/kumoly/app/email" "kumoly.io/kumoly/app/errors" @@ -58,6 +59,20 @@ func (srv Service) Load() error { server.OK(c, "email sent.") }) + if !viper.GetBool("prod") { + ctlAPI.GET("sys_login", func(c *gin.Context) { + err := auth.SetClaims(c, &auth.Claims{ + // Uid: usr.ID, + // User: usr.Username, + Groups: []string{auth.SYSTEM}, + }) + if err != nil { + panic(err) + } + server.OK(c, "logged in.") + }) + } + // this should be in task service ctlAPI.GET("tasks", auth.ACAdmin(), func(c *gin.Context) { server.OK(c, task.GetProfile())