|
|
@@ -48,6 +48,22 @@ func (c *RedirectBillingHandler) ServeHTTP(w http.ResponseWriter, r *http.Reques
|
|
|
user, _ := r.Context().Value(types.UserScope).(*models.User)
|
|
|
proj, _ := r.Context().Value(types.ProjectScope).(*models.Project)
|
|
|
|
|
|
+ // at the moment, the user must be the first admin user on the project - otherwise, redirect back to
|
|
|
+ // home page with error
|
|
|
+ var isFirstAdminUser bool
|
|
|
+
|
|
|
+ for _, role := range proj.Roles {
|
|
|
+ if role.UserID == user.ID && role.Kind == types.RoleAdmin {
|
|
|
+ isFirstAdminUser = true
|
|
|
+ break
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ if !isFirstAdminUser {
|
|
|
+ http.Redirect(w, r, "/dashboard?error="+url.QueryEscape("Only the creator of the project can manage billing"), 302)
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
// get an internal cookie
|
|
|
data := &CreateBillingCookieRequest{
|
|
|
ProjectID: proj.ID,
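Review bot: The loop at `for _, role := range proj.Roles` sets `isFirstAdminUser` for any role that matches this user with `types.RoleAdmin`, so every project admin passes the gate, while the comment and the redirect message both say only the first admin or project creator may manage billing. If the stricter rule is intended, stop at the first admin role and compare there: `if role.Kind == types.RoleAdmin { isFirstAdminUser = role.UserID == user.ID; break }`. That assumes `proj.Roles` is ordered by creation, which the hunk does not show, so a creator field on the project would be a firmer basis if one exists. The new code also dereferences `user` and `proj` after type assertions whose `ok` result is discarded on the context lines above, so a request reaching this handler without both scopes set would panic rather than be refused. ServeHTTP begins and ends outside the hunk.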
|