refactor: decorate handler with access check middleware

2 files changed, 10 insertions, 5 deletions

diff --git a/app/controllers/dashboard/controller.go b/app/controllers/dashboard/controller.go
index 097834f..04a7ed1 100644
--- a/app/controllers/dashboard/controller.go
+++ b/app/controllers/dashboard/controller.go
@@ -3,6 +3,7 @@ package dashboard
 import (
 	"net/http"
 
+	"github.com/xlgmokha/x/pkg/x"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/middleware"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/views"
@@ -17,9 +18,11 @@ func New() *Controller {
 }
 
 func (c *Controller) MountTo(mux *http.ServeMux) {
-	requireUser := middleware.RequireUser()
+	mux.Handle("GET /dashboard", x.Middleware[http.Handler](
+		http.HandlerFunc(c.Show),
+		middleware.RequireUser(),
+	))
 
-	mux.Handle("GET /dashboard", requireUser(http.HandlerFunc(c.Show)))
 	mux.Handle("GET /dashboard/nav", http.HandlerFunc(c.Navigation))
 }
 
diff --git a/app/controllers/sparkles/controller.go b/app/controllers/sparkles/controller.go
index cd86cd2..bd7264e 100644
--- a/app/controllers/sparkles/controller.go
+++ b/app/controllers/sparkles/controller.go
@@ -21,10 +21,12 @@ func New(db domain.Repository[*domain.Sparkle]) *Controller {
 }
 
 func (c *Controller) MountTo(mux *http.ServeMux) {
-	requireUser := middleware.RequireUser()
-
 	mux.HandleFunc("GET /sparkles", c.Index)
-	mux.Handle("POST /sparkles", requireUser(http.HandlerFunc(c.Create)))
+	mux.Handle("POST /sparkles", x.Middleware[http.Handler](
+		http.HandlerFunc(c.Create),
+		middleware.RequireUser(),
+		// middleware.RequirePermission("create_sparkle", nil),
+	))
 
 	// This is a temporary endpoint to restore a backup
 	mux.HandleFunc("POST /sparkles/restore", c.Restore)