diff options
Diffstat (limited to '')
-rw-r--r-- | endpoint_export.go | 40 |
1 files changed, 3 insertions, 37 deletions
diff --git a/endpoint_export.go b/endpoint_export.go index 401c632..5118181 100644 --- a/endpoint_export.go +++ b/endpoint_export.go @@ -22,55 +22,21 @@ package main import ( "encoding/csv" - "errors" "fmt" "net/http" "strings" - - "github.com/jackc/pgx/v5" ) func handleExport(w http.ResponseWriter, req *http.Request) { - sessionCookie, err := req.Cookie("session") - if errors.Is(err, http.ErrNoCookie) { - wstr( - w, - http.StatusUnauthorized, - "No session cookie, which is required for this endpoint", - ) - return - } else if err != nil { - wstr(w, http.StatusBadRequest, "Error: Unable to check cookie.") - return - } - - var userDepartment string - err = db.QueryRow( - req.Context(), - "SELECT department FROM users WHERE session = $1", - sessionCookie.Value, - ).Scan(&userDepartment) + _, _, department, err := getUserInfoFromRequest(req) if err != nil { - if errors.Is(err, pgx.ErrNoRows) { - wstr( - w, - http.StatusForbidden, - "Invalid session cookie", - ) - return - } wstr( w, http.StatusInternalServerError, - fmt.Sprintf( - "Error: Unexpected database error: %s", - err, - ), + fmt.Sprintf("Error: %v", err), ) - return } - - if userDepartment != staffDepartment { + if department != staffDepartment { wstr( w, http.StatusForbidden, |