4 ماه پیش · 68e5f10d5a
--- a/controllers/user.go
+++ b/controllers/user.go
@@ -751,10 +751,10 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
 
				 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
			
 
				 		return
			
 
				 	}
			
 
				+	logic.AddGlobalNetRolesToAdmins(&userchange)
			
 
				 	if userchange.PlatformRoleID != user.PlatformRoleID || !logic.CompareMaps(user.UserGroups, userchange.UserGroups) {
			
 
				 		(&models.UserAccessToken{UserName: user.UserName}).DeleteAllUserTokens()
			
 
				 	}
			
 
				-	logic.AddGlobalNetRolesToAdmins(userchange)
			
 
				 	user, err = logic.UpdateUser(&userchange, user)
			
 
				 	if err != nil {
			
 
				 		logger.Log(0, username,
			
--- a/logic/auth.go
+++ b/logic/auth.go
@@ -186,7 +186,7 @@ func CreateUser(user *models.User) error {
 
				 		logger.Log(0, "failed to insert user", err.Error())
			
 
				 		return err
			
 
				 	}
			
 
				-	AddGlobalNetRolesToAdmins(*user)
			
 
				+	AddGlobalNetRolesToAdmins(user)
			
 
				 	return nil
			
 
				 }
			
 
				 
			
@@ -305,7 +305,7 @@ func UpdateUser(userchange, user *models.User) (*models.User, error) {
 
				 	}
			
 
				 	user.UserGroups = userchange.UserGroups
			
 
				 	user.NetworkRoles = userchange.NetworkRoles
			
 
				-	AddGlobalNetRolesToAdmins(*user)
			
 
				+	AddGlobalNetRolesToAdmins(user)
			
 
				 	err := ValidateUser(user)
			
 
				 	if err != nil {
			
 
				 		return &models.User{}, err
			
--- a/logic/user_mgmt.go
+++ b/logic/user_mgmt.go
@@ -61,7 +61,7 @@ var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
 
				 var CreateDefaultUserPolicies = func(netID models.NetworkID) {}
			
 
				 var GetUserGroupsInNetwork = func(netID models.NetworkID) (networkGrps map[models.UserGroupID]models.UserGroup) { return }
			
 
				 var GetUserGroup = func(groupId models.UserGroupID) (userGrps models.UserGroup, err error) { return }
			
 
				-var AddGlobalNetRolesToAdmins = func(u models.User) {}
			
 
				+var AddGlobalNetRolesToAdmins = func(u *models.User) {}
			
 
				 
			
 
				 // GetRole - fetches role template by id
			
 
				 func GetRole(roleID models.UserRoleID) (models.UserRolePermissionTemplate, error) {
			
--- a/migrate/migrate.go
+++ b/migrate/migrate.go
@@ -406,11 +406,12 @@ func syncUsers() {
 
				 			}
			
 
				 			if user.PlatformRoleID == models.SuperAdminRole && !user.IsSuperAdmin {
			
 
				 				user.IsSuperAdmin = true
			
 
				-				logic.UpsertUser(user)
			
 
				+
			
 
				 			}
			
 
				 			if user.PlatformRoleID.String() != "" {
			
 
				 				logic.MigrateUserRoleAndGroups(user)
			
 
				-				logic.AddGlobalNetRolesToAdmins(user)
			
 
				+				logic.AddGlobalNetRolesToAdmins(&user)
			
 
				+				logic.UpsertUser(user)
			
 
				 				continue
			
 
				 			}
			
 
				 			user.AuthType = models.BasicAuth
			
@@ -431,9 +432,9 @@ func syncUsers() {
 
				 			} else {
			
 
				 				user.PlatformRoleID = models.ServiceUser
			
 
				 			}
			
 
				-			logic.UpsertUser(user)
			
 
				-			logic.AddGlobalNetRolesToAdmins(user)
			
 
				+			logic.AddGlobalNetRolesToAdmins(&user)
			
 
				 			logic.MigrateUserRoleAndGroups(user)
			
 
				+			logic.UpsertUser(user)
			
 
				 		}
			
 
				 	}
			
 
				 
			
--- a/pro/logic/user_mgmt.go
+++ b/pro/logic/user_mgmt.go
@@ -1211,11 +1211,10 @@ func GetUserGroupsInNetwork(netID models.NetworkID) (networkGrps map[models.User
 
				 	return
			
 
				 }
			
 
				 
			
 
				-func AddGlobalNetRolesToAdmins(u models.User) {
			
 
				+func AddGlobalNetRolesToAdmins(u *models.User) {
			
 
				 	if u.PlatformRoleID != models.SuperAdminRole && u.PlatformRoleID != models.AdminRole {
			
 
				 		return
			
 
				 	}
			
 
				 	u.UserGroups = make(map[models.UserGroupID]struct{})
			
 
				 	u.UserGroups[models.UserGroupID(fmt.Sprintf("global-%s-grp", models.NetworkAdmin))] = struct{}{}
			
 
				-	logic.UpsertUser(u)
			
 
				 }