github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(code): add missing returns after sending HTTP errors EE-4442 (#7868)

pull/8449/head^2
andres-portainer 2023-03-02 12:52:10 -03:00 committed by GitHub
parent 6918da2414
commit 197b0bcbde
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/http/handler/backup/handler.go
View File

@ -61,10 +61,12 @@ func adminAccess(next http.Handler) http.Handler {
securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil {
httperror.WriteError(w, http.StatusInternalServerError, "Unable to retrieve user info from request context", err)
return
}
if !securityContext.IsAdmin {
httperror.WriteError(w, http.StatusUnauthorized, "User is not authorized to perform the action", nil)
return
}
next.ServeHTTP(w, r)