2 rokov pred · 9096623f11
--- a/controllers/enrollmentkeys.go
+++ b/controllers/enrollmentkeys.go
@@ -40,15 +40,7 @@ func getEnrollmentKeys(w http.ResponseWriter, r *http.Request) {
 
				 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				 		return
			
 
				 	}
			
 
				-	// handle masteradmin non-logged-in user
			
 
				-	// TODO unify the user flow
			
 
				-	headerNetworks, err := getHeaderNetworks(r)
			
 
				-	if err != nil {
			
 
				-		logger.Log(0, r.Header.Get("user"), "failed to parse networks: ", err.Error())
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				-		return
			
 
				-	}
			
 
				-	isMasterAdmin := len(headerNetworks) > 0 && headerNetworks[0] == logic.ALL_NETWORK_ACCESS
			
 
				+	isMasterAdmin := r.Header.Get("ismaster") == "yes"
			
 
				 	// regular user flow
			
 
				 	user, err := logic.GetUser(r.Header.Get("user"))
			
 
				 	if err != nil && !isMasterAdmin {
			
--- a/controllers/hosts.go
+++ b/controllers/hosts.go
@@ -52,15 +52,7 @@ func getHosts(w http.ResponseWriter, r *http.Request) {
 
				 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				 		return
			
 
				 	}
			
 
				-	// handle masteradmin non-logged-in user
			
 
				-	// TODO unify the user flow
			
 
				-	headerNetworks, err := getHeaderNetworks(r)
			
 
				-	if err != nil {
			
 
				-		logger.Log(0, r.Header.Get("user"), "failed to parse networks: ", err.Error())
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				-		return
			
 
				-	}
			
 
				-	isMasterAdmin := len(headerNetworks) > 0 && headerNetworks[0] == logic.ALL_NETWORK_ACCESS
			
 
				+	isMasterAdmin := r.Header.Get("ismaster") == "yes"
			
 
				 	user, err := logic.GetUser(r.Header.Get("user"))
			
 
				 	if err != nil && !isMasterAdmin {
			
 
				 		logger.Log(0, r.Header.Get("user"), "failed to fetch user: ", err.Error())
			
--- a/logic/security.go
+++ b/logic/security.go
@@ -31,6 +31,7 @@ func SecurityCheck(reqAdmin bool, next http.Handler) http.HandlerFunc {
 
				 		var errorResponse = models.ErrorResponse{
			
 
				 			Code: http.StatusForbidden, Message: Forbidden_Msg,
			
 
				 		}
			
 
				+		r.Header.Set("ismaster", "no")
			
 
				 
			
 
				 		var params = mux.Vars(r)
			
 
				 		bearerToken := r.Header.Get("Authorization")
			
@@ -53,6 +54,10 @@ func SecurityCheck(reqAdmin bool, next http.Handler) http.HandlerFunc {
 
				 			ReturnErrorResponse(w, r, errorResponse)
			
 
				 			return
			
 
				 		}
			
 
				+		// detect masteradmin
			
 
				+		if len(networks) > 0 && networks[0] == ALL_NETWORK_ACCESS {
			
 
				+			r.Header.Set("ismaster", "yes")
			
 
				+		}
			
 
				 		networksJson, err := json.Marshal(&networks)
			
 
				 		if err != nil {
			
 
				 			ReturnErrorResponse(w, r, errorResponse)