fix global network role access

This commit is contained in:
abhishek9686 2024-10-29 20:24:31 +04:00
parent 0246a7e32d
commit 2852314762
2 changed files with 10 additions and 1 deletions

View file

@ -82,8 +82,17 @@ func NetworkPermissionsCheck(username string, r *http.Request) error {
}
}
for groupID := range user.UserGroups {
userG, err := GetUserGroup(groupID)
if err == nil {
if netRoles, ok := userG.NetworkRoles[models.AllNetworks]; ok {
for netRoleID := range netRoles {
err = checkNetworkAccessPermissions(netRoleID, username, r.Method, targetRsrc, targetRsrcID, netID)
if err == nil {
return nil
}
}
}
netRoles := userG.NetworkRoles[models.NetworkID(netID)]
for netRoleID := range netRoles {
err = checkNetworkAccessPermissions(netRoleID, username, r.Method, targetRsrc, targetRsrcID, netID)

View file

@ -87,7 +87,7 @@ func UserGroupsInit() {
Name: "Network Admin Group",
MetaData: "Users in this group can manage all your networks configuration.",
NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
models.NetworkID("*"): {
models.AllNetworks: {
models.UserRoleID(fmt.Sprintf("global-%s", models.NetworkAdmin)): {},
},
},