
Commit 0df3356

committed
handle nil check
1 parent 9621453 commit 0df3356


1 file changed

+23
-18
lines changed


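--- a/api/restHandler/ImageScanRestHandler.go
+++ b/api/restHandler/ImageScanRestHandler.go
@@ -195,29 +195,34 @@ func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter,
 }
 return
 }
-//RBAC
+
 token := r.Header.Get("token")
-if executionDetail.AppId > 0 && executionDetail.EnvId > 0 {
-object := impl.enforcerUtil.GetAppRBACNameByAppId(appId)
-if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
-common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
-return
-}
-object = impl.enforcerUtil.GetEnvRBACNameByAppId(appId, envId)
-if ok := impl.enforcer.Enforce(token, casbin.ResourceEnvironment, casbin.ActionGet, object); !ok {
-common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
-return
-}
-} else if executionDetail.AppId > 0 {
-object := impl.enforcerUtil.GetAppRBACNameByAppId(appId)
-if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
+if executionDetail != nil {
+//RBAC
+if executionDetail.AppId > 0 && executionDetail.EnvId > 0 {
+object := impl.enforcerUtil.GetAppRBACNameByAppId(appId)
+if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
+common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+return
+}
+object = impl.enforcerUtil.GetEnvRBACNameByAppId(appId, envId)
+if ok := impl.enforcer.Enforce(token, casbin.ResourceEnvironment, casbin.ActionGet, object); !ok {
+common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+return
+}
+} else if executionDetail.AppId > 0 {
+object := impl.enforcerUtil.GetAppRBACNameByAppId(appId)
+if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
+common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+return
+}
+} else {
 common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
-return
 }
+//RBAC
 } else {
-common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+common.WriteJsonResp(w, err, &security.ImageScanExecutionDetail{}, http.StatusOK)
 }
-//RBAC
 
 common.WriteJsonResp(w, err, executionDetail, http.StatusOK)
 }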
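Review bot: The deny branch kept at new line 220 (the inner `} else {`, reached when neither AppId nor EnvId is set) writes the 403 but has no `return`, so the handler falls through to the final `common.WriteJsonResp(w, err, executionDetail, http.StatusOK)`; depending on how WriteJsonResp writes, the scan detail may be appended to the body of the forbidden response. The new nil branch at line 224 has the same fall-through and writes a second response with a nil `executionDetail` after the empty one. Adding `return` directly after each of those two WriteJsonResp calls closes both paths. Separately, the branches are selected on `executionDetail.AppId` and `executionDetail.EnvId`, while the Enforce objects are built from `appId` and `envId`, which are declared outside the hunk; if those come from the request, confirm they are checked against the identifiers on the fetched record. The function body starts above the hunk.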
