mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 15:26:04 +08:00
refer network controls form roles, add debug headers
This commit is contained in:
parent
0ff57bcc81
commit
7d052e64e2
|
@ -12,7 +12,7 @@ func userMiddleWare(handler http.Handler) http.Handler {
|
|||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
var params = mux.Vars(r)
|
||||
r.Header.Set("NET_ID", params["network"])
|
||||
if strings.Contains(r.URL.Path, "host") || strings.Contains(r.URL.Path, "node") {
|
||||
if strings.Contains(r.URL.Path, "hosts") || strings.Contains(r.URL.Path, "nodes") {
|
||||
r.Header.Set("TARGET_RSRC", models.HostRsrc.String())
|
||||
r.Header.Set("RSRC_TYPE", models.HostRsrc.String())
|
||||
}
|
||||
|
@ -56,8 +56,10 @@ func userMiddleWare(handler http.Handler) http.Handler {
|
|||
if r.Header.Get("TARGET_RSRC_ID") == "" {
|
||||
r.Header.Set("IS_GLOBAL_ACCESS", "yes")
|
||||
}
|
||||
// pro
|
||||
|
||||
w.Header().Set("TARGET_RSRC", r.Header.Get("TARGET_RSRC"))
|
||||
w.Header().Set("TARGET_RSRC_ID", r.Header.Get("TARGET_RSRC_ID"))
|
||||
w.Header().Set("RSRC_TYPE", r.Header.Get("RSRC_TYPE"))
|
||||
w.Header().Set("IS_GLOBAL_ACCESS", r.Header.Get("IS_GLOBAL_ACCESS"))
|
||||
handler.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
|
|
@ -148,10 +148,7 @@ func SecurityCheck(reqAdmin bool, next http.Handler) http.HandlerFunc {
|
|||
err = networkPermissionsCheck(username, r)
|
||||
}
|
||||
}
|
||||
w.Header().Set("TARGET_RSRC", r.Header.Get("TARGET_RSRC"))
|
||||
w.Header().Set("TARGET_RSRC_ID", r.Header.Get("TARGET_RSRC_ID"))
|
||||
w.Header().Set("NET_ID", r.Header.Get("NET_ID"))
|
||||
w.Header().Set("ACCESS_RESP", err.Error())
|
||||
w.Header().Set("ACCESS_PERM", err.Error())
|
||||
r.Header.Set("user", username)
|
||||
next.ServeHTTP(w, r)
|
||||
}
|
||||
|
|
|
@ -32,8 +32,14 @@ var NetworkUserPermissionTemplate = models.UserRolePermissionTemplate{
|
|||
ID: models.NetworkUser,
|
||||
Default: true,
|
||||
FullAccess: false,
|
||||
DenyDashboardAccess: true,
|
||||
NetworkLevelAccess: make(map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope),
|
||||
DenyDashboardAccess: false,
|
||||
NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
|
||||
models.RemoteAccessGwRsrc: {
|
||||
models.AllRemoteAccessGwRsrcID: models.RsrcPermissionScope{
|
||||
Read: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
func UserRolesInit() {
|
||||
|
|
|
@ -63,11 +63,10 @@ func (g UserGroupID) String() string {
|
|||
}
|
||||
|
||||
type RsrcPermissionScope struct {
|
||||
Create bool `json:"create"`
|
||||
Read bool `json:"read"`
|
||||
Update bool `json:"update"`
|
||||
Delete bool `json:"delete"`
|
||||
VPNAccess bool `json:"vpn_access"`
|
||||
Create bool `json:"create"`
|
||||
Read bool `json:"read"`
|
||||
Update bool `json:"update"`
|
||||
Delete bool `json:"delete"`
|
||||
}
|
||||
|
||||
type UserRolePermissionTemplate struct {
|
||||
|
|
Loading…
Reference in a new issue