mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 23:36:18 +08:00
check for headers for subjects
This commit is contained in:
parent
89bbc467d9
commit
91a23160d0
|
@ -24,15 +24,18 @@ func networkPermissionsCheck(username string, r *http.Request) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if user.PermissionTemplate.ID == models.SuperAdminRole {
|
if user.PermissionTemplate.DashBoardAcls.FullAccess {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
// get info from header to determine the target rsrc
|
// get info from header to determine the target rsrc
|
||||||
targetRsrc := r.Header.Get("TARGET_RSRC")
|
targetRsrc := r.Header.Get("TARGET_RSRC")
|
||||||
targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
|
targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
|
||||||
netID := r.Header.Get("NET_ID")
|
netID := r.Header.Get("NET_ID")
|
||||||
if targetRsrc == "" || targetRsrcID == "" {
|
if targetRsrc == "" {
|
||||||
return errors.New("target rsrc or rsrc id is missing")
|
return errors.New("target rsrc is missing")
|
||||||
|
}
|
||||||
|
if netID == "" {
|
||||||
|
return errors.New("network id is missing")
|
||||||
}
|
}
|
||||||
if r.Method == "" {
|
if r.Method == "" {
|
||||||
r.Method = http.MethodGet
|
r.Method = http.MethodGet
|
||||||
|
@ -54,6 +57,9 @@ func networkPermissionsCheck(username string, r *http.Request) error {
|
||||||
return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
|
return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
if targetRsrcID == "" {
|
||||||
|
return errors.New("target rsrc is missing")
|
||||||
|
}
|
||||||
if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
|
if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
|
||||||
return checkPermissionScopeWithReqMethod(scope, r.Method)
|
return checkPermissionScopeWithReqMethod(scope, r.Method)
|
||||||
}
|
}
|
||||||
|
@ -65,13 +71,13 @@ func globalPermissionsCheck(username string, r *http.Request) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if user.PermissionTemplate.ID == models.SuperAdminRole {
|
if user.PermissionTemplate.DashBoardAcls.FullAccess {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
targetRsrc := r.Header.Get("TARGET_RSRC")
|
targetRsrc := r.Header.Get("TARGET_RSRC")
|
||||||
targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
|
targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
|
||||||
if targetRsrc == "" || targetRsrcID == "" {
|
if targetRsrc == "" {
|
||||||
return errors.New("target rsrc or rsrc id is missing")
|
return errors.New("target rsrc is missing")
|
||||||
}
|
}
|
||||||
if r.Method == "" {
|
if r.Method == "" {
|
||||||
r.Method = http.MethodGet
|
r.Method = http.MethodGet
|
||||||
|
@ -87,6 +93,9 @@ func globalPermissionsCheck(username string, r *http.Request) error {
|
||||||
return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
|
return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
if targetRsrcID == "" {
|
||||||
|
return errors.New("target rsrc id is missing")
|
||||||
|
}
|
||||||
if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
|
if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
|
||||||
return checkPermissionScopeWithReqMethod(scope, r.Method)
|
return checkPermissionScopeWithReqMethod(scope, r.Method)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue