From 668f421efd0a0c51ac5da50d75aa9c7250adb205 Mon Sep 17 00:00:00 2001
From: Dikiy13371 <css81933@gmail.com>
Date: Wed, 8 Oct 2025 00:56:59 +0300
Subject: [PATCH] role_required.go add

---
 web/middleware/role_required.go | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 web/middleware/role_required.go

diff --git a/web/middleware/role_required.go b/web/middleware/role_required.go
new file mode 100644
index 00000000..d0919c77
--- /dev/null
+++ b/web/middleware/role_required.go
@@ -0,0 +1,28 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+// RoleRequired проверяет, есть ли у пользователя нужная роль.
+func RoleRequired(roles ...string) gin.HandlerFunc {
+	allowed := make(map[string]bool)
+	for _, r := range roles {
+		allowed[r] = true
+	}
+	return func(c *gin.Context) {
+		roleVal, exists := c.Get("role") // где-то до этого роль должна быть положена в контекст
+		if !exists {
+			c.AbortWithStatus(http.StatusUnauthorized)
+			return
+		}
+		role, ok := roleVal.(string)
+		if !ok || !allowed[role] {
+			c.AbortWithStatus(http.StatusForbidden)
+			return
+		}
+		c.Next()
+	}
+}