From 5614adc762adc2e94a9bf2d6d69fef46570ae376 Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Thu, 06 Mar 2025 20:44:21 +0800
Subject: [PATCH] http: Check for direct user access

---
 http_handle_group_index.go | 15 +++++++++++++++
 http_server.go             |  5 +++--
 templates/_header.tmpl     |  4 ++--

diff --git a/http_handle_group_index.go b/http_handle_group_index.go
index 438729b4cd3ec3644711b0908828bac7a74d9358..e235006be8db4ecbf2b4eafeaffbf0ba92093aad 100644
--- a/http_handle_group_index.go
+++ b/http_handle_group_index.go
@@ -61,6 +61,20 @@ 		http.Error(w, "Error getting group: "+err.Error(), http.StatusInternalServerError)
 		return
 	}
 
+	// ACL
+	var count int
+	err = database.QueryRow(r.Context(), `
+		SELECT COUNT(*)
+		FROM user_group_roles
+		WHERE user_id = $1
+			AND group_id = $2
+	`, params["user_id"].(int), group_id).Scan(&count)
+	if err != nil {
+		http.Error(w, "Error checking access: "+err.Error(), http.StatusInternalServerError)
+		return
+	}
+	direct_access := (count > 0)
+
 	// Repos
 	var rows pgx.Rows
 	rows, err = database.Query(r.Context(), `
@@ -115,6 +129,7 @@
 	params["repos"] = repos
 	params["subgroups"] = subgroups
 	params["description"] = group_description
+	params["direct_access"] = direct_access
 
 	fmt.Println(group_path)
 
diff --git a/http_server.go b/http_server.go
index 199a3c5e38c58494ce9857bc706e56195f3bcc5e..0dc324dd24ace0622464f77a411cf711b77dbf57 100644
--- a/http_server.go
+++ b/http_server.go
@@ -56,6 +56,7 @@ 	params["url_segments"] = segments
 	params["global"] = global_data
 	var _user_id int // 0 for none
 	_user_id, params["username"], err = get_user_info_from_request(r)
+	params["user_id"] = _user_id
 	if errors.Is(err, http.ErrNoCookie) {
 	} else if errors.Is(err, pgx.ErrNoRows) {
 	} else if err != nil {
@@ -64,9 +65,9 @@ 		return
 	}
 
 	if _user_id == 0 {
-		params["user_id"] = ""
+		params["user_id_string"] = ""
 	} else {
-		params["user_id"] = strconv.Itoa(_user_id)
+		params["user_id_string"] = strconv.Itoa(_user_id)
 	}
 
 	if segments[0] == ":" {
diff --git a/templates/_header.tmpl b/templates/_header.tmpl
index 9fb0e75e0f8c33a80a65e2440412fb205855ae36..0100b7dd9d892be28d73d4f282be22688481fc02 100644
--- a/templates/_header.tmpl
+++ b/templates/_header.tmpl
@@ -8,8 +8,8 @@ 	<div id="main-header-forge-title">
 		<a href="/">{{ .global.forge_title }}</a>
 	</div>
 	<div id="main-header-user">
-		{{ if ne .user_id "" }}
-			<a href="/:/users/{{ .user_id }}">{{ .username }}</a>
+		{{ if ne .user_id_string "" }}
+			<a href="/:/users/{{ .user_id_string }}">{{ .username }}</a>
 		{{ else }}
 			<a href="/:/login/">Login</a>
 		{{ end }}

-- 
2.48.1