https://kotlinlang.org logo
Join SlackCommunities
Powered by
I ended up creating an extension function for `Pip...
# ktor
p
I ended up creating an extension function for 
PipelineContext
that I can use inside HTTP methods:
Copy code
sealed class Permission(val name: String) 

sealed class Article(name: String): Permission(name) {
    object Create: Article("articles.create")
    object Delete: Article("articles.delete")
}

fun PipelineContext<Unit, ApplicationCall>.hasPermission(permission: Permission) {
    val principal = call.authentication.principal<ApiClientPrincipal>()!!

    if (!principal.permissions.contains(permission.name)) {
        throw AuthorizationException()
    }
}
and then
Copy code
route("/articles") {
        post("/") {
            hasPermission(Article.Create)
            ...
        }
    }
2 Views
Open in Slack
PreviousNext
Powered by