
add forbidden check for access token creation

abhishek9686 hai 4 meses
pai
achega
4ad9a0d7d7
Modificáronse 2 ficheiros con 21 adicións e 33 borrados
  1. 17 30
      controllers/user.go
  2. 4 3
      db/sqlite.go

+ 17 - 30
controllers/user.go

@@ -84,21 +84,14 @@ func createUserAccessToken(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
 		return
 	}
-	if caller.UserName != user.UserName {
-		if caller.IsAdmin && user.IsSuperAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if caller.IsAdmin && user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if !caller.IsAdmin && user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if !caller.IsAdmin && !user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
+	if caller.UserName != user.UserName && caller.PlatformRoleID != models.SuperAdminRole {
+		if caller.PlatformRoleID == models.AdminRole {
+			if user.PlatformRoleID == models.SuperAdminRole || user.PlatformRoleID == models.AdminRole {
+				logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not enough permissions to create token for user "+user.UserName), logic.Forbidden_Msg))
+				return
+			}
+		} else {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not enough permissions to create token for user "+user.UserName), logic.Forbidden_Msg))
 			return
 		}
 	}
@@ -182,24 +175,18 @@ func deleteUserAccessTokens(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
 		return
 	}
-	if caller.UserName != user.UserName {
-		if caller.IsAdmin && user.IsSuperAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if caller.IsAdmin && user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if !caller.IsAdmin && user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
-			return
-		}
-		if !caller.IsAdmin && !user.IsAdmin {
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "unauthorized"))
+	if caller.UserName != user.UserName && caller.PlatformRoleID != models.SuperAdminRole {
+		if caller.PlatformRoleID == models.AdminRole {
+			if user.PlatformRoleID == models.SuperAdminRole || user.PlatformRoleID == models.AdminRole {
+				logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not enough permissions to delete token of user "+user.UserName), logic.Forbidden_Msg))
+				return
+			}
+		} else {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not enough permissions to delete token of user "+user.UserName), logic.Forbidden_Msg))
 			return
 		}
 	}
+
 	err = (&models.UserAccessToken{ID: id}).Delete()
 	if err != nil {
 		logic.ReturnErrorResponse(
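Review bot: The new role check at lines 37-47 is copied verbatim into deleteUserAccessTokens at lines 67-77, so the token-management policy now lives in two places that can drift apart on the next edit; pull it into one helper and have both handlers call it. In the delete hunk the check authorizes against `user`, while the call that follows deletes `models.UserAccessToken{ID: id}` by id alone — if the code outside the hunk does not confirm that token `id` belongs to `user`, the role check can be bypassed by pairing an id with a different username, so that binding is worth verifying. Both enclosing handlers start and end outside the hunks, and I am assuming `caller` and `user` are `models.User` values as returned elsewhere in this package.
```go
// canManageUserTokens reports whether caller may create or delete access
// tokens for user: always for itself, a super admin for anyone, and an
// admin only for users who are neither admin nor super admin.
func canManageUserTokens(caller, user models.User) bool {
	if caller.UserName == user.UserName || caller.PlatformRoleID == models.SuperAdminRole {
		return true
	}
	return caller.PlatformRoleID == models.AdminRole &&
		user.PlatformRoleID != models.SuperAdminRole &&
		user.PlatformRoleID != models.AdminRole
}

// … unchanged: createUserAccessToken up to the caller/user lookups …
	if !canManageUserTokens(caller, user) {
		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("not enough permissions to create token for user "+user.UserName), logic.Forbidden_Msg))
		return
	}
// … unchanged: rest of createUserAccessToken; deleteUserAccessTokens gets the same replacement with its "delete token of user" message …
```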

+ 4 - 3
db/sqlite.go

@@ -1,11 +1,12 @@
 package db
 
 import (
+	"os"
+	"path/filepath"
+
 	"gorm.io/driver/sqlite"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"
-	"os"
-	"path/filepath"
 )
 
 // sqliteConnector for initializing and
@@ -28,7 +29,7 @@ func (s *sqliteConnector) connect() (*gorm.DB, error) {
 		}
 	}
 
-	dbFilePath := filepath.Join("data", "netmaker_v1.db")
+	dbFilePath := filepath.Join("data", "netmaker.db")
 
 	// ensure netmaker_v1.db exists.
 	_, err = os.Stat(dbFilePath)
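Review bot: The comment on the line after the changed path still reads "ensure netmaker_v1.db exists." although the file opened is now `netmaker.db`; update it to `// ensure netmaker.db exists.` so the comment matches the code. Since only the file name changed, an existing deployment whose data directory still holds `netmaker_v1.db` would presumably get a fresh, empty database from this path rather than its old data — if that is not intended, the rename needs a migration or fallback step that this hunk does not show. The enclosing connect method starts and ends outside the hunk.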