rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

debug: add RBAC logging to RequireRoles middleware

Browse source
This commit is contained in:
Tiago Yamamoto 2025-12-26 00:42:55 -03:00
parent 01aca8971b
commit f396acfb72
1 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
backend/internal/api/middleware/auth_middleware.go
View file

@ -127,17 +127,28 @@ func (m *Middleware) OptionalHeaderAuthGuard(next http.Handler) http.Handler {
func (m *Middleware) RequireRoles(roles ...string) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
roleValues := ExtractRoles(r.Context().Value(ContextRoles))
fmt.Printf("[RBAC DEBUG] === RequireRoles START for %s %s ===\n", r.Method, r.URL.Path)
fmt.Printf("[RBAC DEBUG] Required roles: %v\n", roles)
rawRoles := r.Context().Value(ContextRoles)
fmt.Printf("[RBAC DEBUG] Raw roles from context: %v (type: %T)\n", rawRoles, rawRoles)
roleValues := ExtractRoles(rawRoles)
fmt.Printf("[RBAC DEBUG] Extracted roles: %v\n", roleValues)
if len(roleValues) == 0 {
fmt.Printf("[RBAC DEBUG] FAILED: No roles found in context\n")
http.Error(w, "Roles not found", http.StatusForbidden)
return
}
if hasRole(roleValues, roles) {
fmt.Printf("[RBAC DEBUG] SUCCESS: User has required role\n")
next.ServeHTTP(w, r)
return
}
fmt.Printf("[RBAC DEBUG] FAILED: User roles %v do not match required %v\n", roleValues, roles)
http.Error(w, "Forbidden: insufficient permissions", http.StatusForbidden)
})
}