From 197b0bcbde02b1e049f10c6d2475bef499e2144c Mon Sep 17 00:00:00 2001
From: andres-portainer <91705312+andres-portainer@users.noreply.github.com>
Date: Thu, 2 Mar 2023 12:52:10 -0300
Subject: [PATCH] fix(code): add missing returns after sending HTTP errors
 EE-4442 (#7868)

---
 api/http/handler/backup/handler.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/http/handler/backup/handler.go b/api/http/handler/backup/handler.go
index cd95d71b8..a8782fa64 100644
--- a/api/http/handler/backup/handler.go
+++ b/api/http/handler/backup/handler.go
@@ -61,10 +61,12 @@ func adminAccess(next http.Handler) http.Handler {
 		securityContext, err := security.RetrieveRestrictedRequestContext(r)
 		if err != nil {
 			httperror.WriteError(w, http.StatusInternalServerError, "Unable to retrieve user info from request context", err)
+			return
 		}
 
 		if !securityContext.IsAdmin {
 			httperror.WriteError(w, http.StatusUnauthorized, "User is not authorized to perform the action", nil)
+			return
 		}
 
 		next.ServeHTTP(w, r)