mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-12 08:04:25 +08:00
68 lines
1.7 KiB
Go
68 lines
1.7 KiB
Go
package logic
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/gravitl/netmaker/logic"
|
|
"github.com/gravitl/netmaker/models"
|
|
)
|
|
|
|
func MigrateUserRoleAndGroups(user models.User) {
|
|
var err error
|
|
if user.PlatformRoleID == models.AdminRole || user.PlatformRoleID == models.SuperAdminRole {
|
|
return
|
|
}
|
|
if len(user.RemoteGwIDs) > 0 {
|
|
// define user roles for network
|
|
// assign relevant network role to user
|
|
for remoteGwID := range user.RemoteGwIDs {
|
|
gwNode, err := logic.GetNodeByID(remoteGwID)
|
|
if err != nil {
|
|
continue
|
|
}
|
|
var g models.UserGroup
|
|
if user.PlatformRoleID == models.ServiceUser {
|
|
g, err = GetUserGroup(models.UserGroupID(fmt.Sprintf("%s-%s-grp", gwNode.Network, models.NetworkUser)))
|
|
} else {
|
|
g, err = GetUserGroup(models.UserGroupID(fmt.Sprintf("%s-%s-grp",
|
|
gwNode.Network, models.NetworkAdmin)))
|
|
}
|
|
if err != nil {
|
|
continue
|
|
}
|
|
user.UserGroups[g.ID] = struct{}{}
|
|
}
|
|
}
|
|
if len(user.NetworkRoles) > 0 {
|
|
for netID, netRoles := range user.NetworkRoles {
|
|
var g models.UserGroup
|
|
adminAccess := false
|
|
for netRoleID := range netRoles {
|
|
permTemplate, err := logic.GetRole(netRoleID)
|
|
if err == nil {
|
|
if permTemplate.FullAccess {
|
|
adminAccess = true
|
|
}
|
|
}
|
|
}
|
|
|
|
if user.PlatformRoleID == models.ServiceUser {
|
|
g, err = GetUserGroup(models.UserGroupID(fmt.Sprintf("%s-%s-grp", netID, models.NetworkUser)))
|
|
} else {
|
|
role := models.NetworkUser
|
|
if adminAccess {
|
|
role = models.NetworkAdmin
|
|
}
|
|
g, err = GetUserGroup(models.UserGroupID(fmt.Sprintf("%s-%s-grp",
|
|
netID, role)))
|
|
}
|
|
if err != nil {
|
|
continue
|
|
}
|
|
user.UserGroups[g.ID] = struct{}{}
|
|
user.NetworkRoles = make(map[models.NetworkID]map[models.UserRoleID]struct{})
|
|
}
|
|
|
|
}
|
|
logic.UpsertUser(user)
|
|
}
|