in internal/auth/middleware.go [27:61]
// AuthorizationMiddleware wraps handler with the per-request gates that must
// pass before any content is served: lookup-path resolution, HTTPS
// enforcement and, for access-controlled projects, authentication.
//
// handler.ServeHTTP is reached only when every gate above it falls through,
// so any additional early exit must be placed before that final call.
func (a *Auth) AuthorizationMiddleware(handler http.Handler) http.Handler {
	gate := func(w http.ResponseWriter, r *http.Request) {
		domain := domainCfg.FromRequest(r)

		lookup, err := domain.GetLookupPath(r)
		switch {
		case err == nil:
			// Lookup path resolved; continue to the remaining gates.
		case errors.Is(err, gitlab.ErrDiskDisabled):
			// Server-side condition: report it and answer 500 instead of
			// treating it as a missing page.
			errortracking.CaptureErrWithReqAndStackTrace(err, r)
			httperrors.Serve500(w)
			return
		default:
			// Every other lookup failure goes through the auth-aware
			// not-found path rather than a bare 404.
			// NOTE(review): presumably this keeps unauthenticated clients from
			// telling a missing page from a private one; confirm in
			// checkAuthAndServeNotFound.
			a.checkAuthAndServeNotFound(domain, w, r)
			return
		}

		// Not auth related, but kept here to avoid a separate middleware.
		// It runs before the access-control check, so an HTTPS-only project
		// never reaches authentication over plain HTTP. The redirect is a
		// permanent one (301).
		if lookup.IsHTTPSOnly && !request.IsHTTPS(r) {
			redirectToHTTPS(w, r, http.StatusMovedPermanently)
			return
		}

		// Authentication applies only to projects with access control enabled.
		// A true result from checkAuthentication ends the request here.
		// NOTE(review): presumably the helper has already written the response
		// in that case; confirm against checkAuthentication.
		if lookup.HasAccessControl && a.checkAuthentication(w, r, domain) {
			return
		}

		handler.ServeHTTP(w, r)
	}

	return http.HandlerFunc(gate)
}