mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-06 05:04:27 +08:00
fix global network role access
This commit is contained in:
parent
0246a7e32d
commit
2852314762
2 changed files with 10 additions and 1 deletions
|
@ -82,8 +82,17 @@ func NetworkPermissionsCheck(username string, r *http.Request) error {
|
|||
}
|
||||
}
|
||||
for groupID := range user.UserGroups {
|
||||
|
||||
userG, err := GetUserGroup(groupID)
|
||||
if err == nil {
|
||||
if netRoles, ok := userG.NetworkRoles[models.AllNetworks]; ok {
|
||||
for netRoleID := range netRoles {
|
||||
err = checkNetworkAccessPermissions(netRoleID, username, r.Method, targetRsrc, targetRsrcID, netID)
|
||||
if err == nil {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
}
|
||||
netRoles := userG.NetworkRoles[models.NetworkID(netID)]
|
||||
for netRoleID := range netRoles {
|
||||
err = checkNetworkAccessPermissions(netRoleID, username, r.Method, targetRsrc, targetRsrcID, netID)
|
||||
|
|
|
@ -87,7 +87,7 @@ func UserGroupsInit() {
|
|||
Name: "Network Admin Group",
|
||||
MetaData: "Users in this group can manage all your networks configuration.",
|
||||
NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
|
||||
models.NetworkID("*"): {
|
||||
models.AllNetworks: {
|
||||
models.UserRoleID(fmt.Sprintf("global-%s", models.NetworkAdmin)): {},
|
||||
},
|
||||
},
|
||||
|
|
Loading…
Add table
Reference in a new issue