From 839b5782284e0944bb9524bc7baef7199e530f6d Mon Sep 17 00:00:00 2001
From: Brad Rydzewski <brad.rydzewski@gmail.com>
Date: Thu, 9 Oct 2014 20:26:32 -0700
Subject: [PATCH] removed User checks from handler because middlware has our
 back

---
 server/handler/hook.go  |  6 ++++--
 server/handler/users.go | 38 ++++----------------------------------
 2 files changed, 8 insertions(+), 36 deletions(-)

diff --git a/server/handler/hook.go b/server/handler/hook.go
index fdeb800b..9f02285f 100644
--- a/server/handler/hook.go
+++ b/server/handler/hook.go
@@ -90,9 +90,11 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
 		PullRequest: hook.PullRequest,
 		Timestamp:   hook.Timestamp,
 		Message:     hook.Message,
-		Config:      string(yml)}
+		Config:      string(yml),
+	}
 	commit.SetAuthor(hook.Author)
-	// inser the commit into the database
+
+	// inserts the commit into the database
 	if err := datastore.PostCommit(ctx, &commit); err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		return
diff --git a/server/handler/users.go b/server/handler/users.go
index 75840ffa..36cf4060 100644
--- a/server/handler/users.go
+++ b/server/handler/users.go
@@ -17,15 +17,7 @@ import (
 //
 func GetUserList(c web.C, w http.ResponseWriter, r *http.Request) {
 	var ctx = context.FromC(c)
-	var user = ToUser(c)
-	switch {
-	case user == nil:
-		w.WriteHeader(http.StatusUnauthorized)
-		return
-	case user.Admin == false:
-		w.WriteHeader(http.StatusForbidden)
-		return
-	}
+
 	users, err := datastore.GetUserList(ctx)
 	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
@@ -47,14 +39,7 @@ func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
 		host  = c.URLParams["host"]
 		login = c.URLParams["login"]
 	)
-	switch {
-	case user == nil:
-		w.WriteHeader(http.StatusUnauthorized)
-		return
-	case user.Admin == false:
-		w.WriteHeader(http.StatusForbidden)
-		return
-	}
+
 	user, err := datastore.GetUserLogin(ctx, host, login)
 	if err != nil {
 		w.WriteHeader(http.StatusNotFound)
@@ -72,18 +57,10 @@ func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
 func PostUser(c web.C, w http.ResponseWriter, r *http.Request) {
 	var ctx = context.FromC(c)
 	var (
-		user  = ToUser(c)
 		host  = c.URLParams["host"]
 		login = c.URLParams["login"]
 	)
-	switch {
-	case user == nil:
-		w.WriteHeader(http.StatusUnauthorized)
-		return
-	case user.Admin == false:
-		w.WriteHeader(http.StatusForbidden)
-		return
-	}
+
 	account := model.NewUser(host, login, "")
 	if err := datastore.PostUser(ctx, account); err != nil {
 		w.WriteHeader(http.StatusBadRequest)
@@ -105,14 +82,7 @@ func DelUser(c web.C, w http.ResponseWriter, r *http.Request) {
 		host  = c.URLParams["host"]
 		login = c.URLParams["login"]
 	)
-	switch {
-	case user == nil:
-		w.WriteHeader(http.StatusUnauthorized)
-		return
-	case user.Admin == false:
-		w.WriteHeader(http.StatusForbidden)
-		return
-	}
+
 	account, err := datastore.GetUserLogin(ctx, host, login)
 	if err != nil {
 		w.WriteHeader(http.StatusNotFound)