From db82dcf4432c99e9c2cf7d13b4113cec96840e66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Z=C3=BCrcher?= <zuercher@mst.local>
Date: Thu, 13 Nov 2025 13:16:11 +0100
Subject: [PATCH] add exeption array to middleware Autorization

---
 handlers/middleware.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/handlers/middleware.go b/handlers/middleware.go
index f321432..0994913 100644
--- a/handlers/middleware.go
+++ b/handlers/middleware.go
@@ -3,6 +3,7 @@ package handlers
 import (
 	"log"
 	"net/http"
+	"slices"
 	"strings"
 
 	"gitea.tecamino.com/paadi/access-handler/models"
@@ -116,7 +117,7 @@ func (aH *AccessHandler) AuthMiddleware() gin.HandlerFunc {
 // Usage:
 //
 //	router.GET("/secure/:id", aH.AuthorizeRole("/api/v1"))
-func (aH *AccessHandler) AuthorizeRole(suffix string) gin.HandlerFunc {
+func (aH *AccessHandler) AuthorizeRole(suffix string, exeptions ...string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		aH.logger.Debug("AuthorizeRole", "permission path of url path")
 		permissionPath := strings.TrimPrefix(c.Request.URL.Path, suffix+"/")
@@ -149,6 +150,12 @@ func (aH *AccessHandler) AuthorizeRole(suffix string) gin.HandlerFunc {
 			return
 		}
 
+		// check exeptions
+		if slices.Contains(exeptions, permissionPath) {
+			c.Next()
+			return
+		}
+
 		// Check permissions
 		for _, permission := range roles[0].Permissions {
 			if permission.Name == permissionPath {