mirrors/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-11-26 14:06:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(code): add missing returns after sending HTTP errors EE-4442 (#7868)

Browse Source
This commit is contained in:
andres-portainer
2023-03-02 12:52:10 -03:00
committed by GitHub
parent 6918da2414
commit 197b0bcbde
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/http/handler/backup/handler.go
View File

@@ -61,10 +61,12 @@ func adminAccess(next http.Handler) http.Handler {
securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil {
httperror.WriteError(w, http.StatusInternalServerError, "Unable to retrieve user info from request context", err)
return
}
if !securityContext.IsAdmin {
httperror.WriteError(w, http.StatusUnauthorized, "User is not authorized to perform the action", nil)
return
}
next.ServeHTTP(w, r)