lock this to tulpa.dev admins

2020-10-30 20:24:05 -04:00 · 2020-10-30 20:24:05 -04:00 · 8edb279f4e
parent a871b4e222
commit 8edb279f4e
2 changed files with 14 additions and 4 deletions
--- a/shell.nix
+++ b/shell.nix
@ -15,8 +15,8 @@ in pkgs.mkShell rec {

  B2_CREDFILE = "./var/secret/b2-creds.txt";
  B2_MODULE_BUCKET_NAME = "wasmcloud-modules";
-  RUST_LOG = "info,wasmcloud=debug";
  DATABASE_URL = "postgresql://postgres:hunter2@localhost:5432/wasmcloud";
-  ROCKET_DATABASES = ''{ main_data = { url = "${DATABASE_URL}" } }'';
  JWT_SECRET = "hunter2";
+  ROCKET_DATABASES = ''{ main_data = { url = "${DATABASE_URL}" } }'';
+  RUST_LOG = "info,wasmcloud=debug";
 }
--- a/src/gitea.rs
+++ b/src/gitea.rs
@ -1,4 +1,8 @@
-use crate::{api, jwt, models, schema, Gitea, MainDatabase};
+use crate::{
+    api::{self, Error, Result},
+    jwt, models, schema, Gitea, MainDatabase,
+};
+use color_eyre::eyre::eyre;
 use diesel::prelude::*;
 use rocket::{
    http::{Cookie, Cookies, SameSite},
@ -46,13 +50,19 @@ pub fn callback(
    conn: MainDatabase,
    token: TokenResponse<Gitea>,
    mut cookies: Cookies<'_>,
-) -> api::Result<String> {
+) -> Result<String> {
    let tok = token.access_token().to_string();
    let refresh = token.refresh_token().unwrap().to_string();

    let gitea_user =
        user(tok.clone()).map_err(|why| api::Error::ExternalDependencyFailed(why.into()))?;

+    if !gitea_user.is_admin {
+        return Err(Error::InternalServerError(eyre!(
+            "wasmcloud is not ready for general use yet sorry"
+        )));
+    }
+
    use schema::{
        gitea_tokens, tokens,
        users::{