feat: checking user authorization on image retrieval

2025-04-11 19:41:36 +01:00
parent fba1618888
commit 6290c4b843
2 changed files with 25 additions and 13 deletions
--- a/backend/models/image.go
+++ b/backend/models/image.go
@@ -147,6 +147,15 @@ func (m ImageModel) Get(ctx context.Context, imageId uuid.UUID) (ImageData, erro
 	return images[0], err
 }

+func (m ImageModel) IsUserAuthorized(ctx context.Context, imageId uuid.UUID, userId uuid.UUID) bool {
+	getImageUserId := UserImages.SELECT(UserImages.UserID).WHERE(UserImages.ImageID.EQ(UUID(imageId)))
+
+	userImage := model.UserImages{}
+	err := getImageUserId.QueryContext(ctx, m.dbPool, &userImage)
+
+	return err != nil && userImage.UserID.String() == userId.String()
+}
+
 func NewImageModel(db *sql.DB) ImageModel {
 	return ImageModel{dbPool: db}
 }