From d389e7b150df6ecd215c7b661b294ea153ad0103 Mon Sep 17 00:00:00 2001
From: Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com>
Date: Mon, 5 Jul 2021 13:23:03 +0200
Subject: Domain block (#76)

* start work on admin domain blocking

* move stuff around + further work on domain blocks

* move + restructure processor

* prep work for deleting account

* tidy

* go fmt

* formatting

* domain blocking more work

* check domain blocks way earlier on

* progress on delete account

* delete more stuff when an account is gone

* and more...

* domain blocky block block

* get individual domain block, delete a block
---
 internal/oauth/util.go | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

(limited to 'internal/oauth/util.go')

diff --git a/internal/oauth/util.go b/internal/oauth/util.go
index 378b81450..2520fc784 100644
--- a/internal/oauth/util.go
+++ b/internal/oauth/util.go
@@ -73,14 +73,28 @@ func Authed(c *gin.Context, requireToken bool, requireApp bool, requireUser bool
 	if requireToken && a.Token == nil {
 		return nil, errors.New("token not supplied")
 	}
+
 	if requireApp && a.Application == nil {
 		return nil, errors.New("application not supplied")
 	}
-	if requireUser && a.User == nil {
-		return nil, errors.New("user not supplied")
+
+	if requireUser {
+		if a.User == nil {
+			return nil, errors.New("user not supplied")
+		}
+		if a.User.Disabled || !a.User.Approved {
+			return nil, errors.New("user disabled or not approved")
+		}
 	}
-	if requireAccount && a.Account == nil {
-		return nil, errors.New("account not supplied")
+
+	if requireAccount {
+		if a.Account == nil {
+			return nil, errors.New("account not supplied")
+		}
+		if !a.Account.SuspendedAt.IsZero() {
+			return nil, errors.New("account suspended")
+		}
 	}
+
 	return a, nil
 }
-- 
cgit v1.2.3