From 31cead0eb4fcbd2d251e590cfcbb49f7dbed1206 Mon Sep 17 00:00:00 2001
From: Thomas Boerger <thomas@webhippie.de>
Date: Mon, 1 Aug 2016 23:58:13 +0200
Subject: [PATCH] Copied MustAdmin into MustTeamAdmin for now

---
 router/middleware/session/team.go | 21 +++++++++++++++++++++
 router/router.go                  |  2 +-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 router/middleware/session/team.go

diff --git a/router/middleware/session/team.go b/router/middleware/session/team.go
new file mode 100644
index 000000000..c9fc7ce5f
--- /dev/null
+++ b/router/middleware/session/team.go
@@ -0,0 +1,21 @@
+package session
+
+import (
+	"github.com/gin-gonic/gin"
+)
+
+func MustTeamAdmin() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		user := User(c)
+		switch {
+		case user == nil:
+			c.String(401, "User not authorized")
+			c.Abort()
+		case user.Admin == false:
+			c.String(413, "User not authorized")
+			c.Abort()
+		default:
+			c.Next()
+		}
+	}
+}
diff --git a/router/router.go b/router/router.go
index 5d37b53a1..912ae2736 100644
--- a/router/router.go
+++ b/router/router.go
@@ -64,7 +64,7 @@ func Load(middleware ...gin.HandlerFunc) http.Handler {
 
 	teams := e.Group("/api/teams")
 	{
-		// TODO: Restrict access
+		user.Use(session.MustTeamAdmin())
 
 		team := teams.Group("/:team")
 		{