
check for headers for subjects

abhishek9686 há 1 ano atrás
pai
commit
91a23160d0
1 ficheiros alterados com 15 adições e 6 exclusões
  1. 15 6
      logic/security.go

+ 15 - 6
logic/security.go

@@ -24,15 +24,18 @@ func networkPermissionsCheck(username string, r *http.Request) error {
 	if err != nil {
 		return err
 	}
-	if user.PermissionTemplate.ID == models.SuperAdminRole {
+	if user.PermissionTemplate.DashBoardAcls.FullAccess {
 		return nil
 	}
 	// get info from header to determine the target rsrc
 	targetRsrc := r.Header.Get("TARGET_RSRC")
 	targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
 	netID := r.Header.Get("NET_ID")
-	if targetRsrc == "" || targetRsrcID == "" {
-		return errors.New("target rsrc or rsrc id is missing")
+	if targetRsrc == "" {
+		return errors.New("target rsrc is missing")
+	}
+	if netID == "" {
+		return errors.New("network id is missing")
 	}
 	if r.Method == "" {
 		r.Method = http.MethodGet
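Review bot: The early return on `user.PermissionTemplate.DashBoardAcls.FullAccess` now skips every per-resource scope check for any permission template carrying that flag, where the removed line limited the bypass to `models.SuperAdminRole`; the same change is made in globalPermissionsCheck in the third hunk. Nothing visible here shows which templates can have FullAccess set, so confirm it cannot be enabled on a custom or user-editable role, and record the intent with a comment such as `// FullAccess templates skip all per-resource scope checks below`. Separately, TARGET_RSRC, TARGET_RSRC_ID and NET_ID are read from request headers, so the decision is only sound if the server overwrites them from the matched route before this function runs. That presumably happens in middleware outside the hunk and should be stated in the function's doc comment. The function body starts and ends outside the hunk.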
@@ -54,6 +57,9 @@ func networkPermissionsCheck(username string, r *http.Request) error {
 		return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
 
 	}
+	if targetRsrcID == "" {
+		return errors.New("target rsrc is missing")
+	}
 	if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
 		return checkPermissionScopeWithReqMethod(scope, r.Method)
 	}
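Review bot: The error returned by the new `targetRsrcID == ""` guard reads "target rsrc is missing", which is the same message the function already returns for an empty TARGET_RSRC header, so a caller or log reader cannot tell which header was absent when a request is denied. The matching guard added to globalPermissionsCheck in the last hunk says "target rsrc id is missing"; this one should be `return errors.New("target rsrc id is missing")`. The enclosing function continues outside the hunk.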
@@ -65,13 +71,13 @@ func globalPermissionsCheck(username string, r *http.Request) error {
 	if err != nil {
 		return err
 	}
-	if user.PermissionTemplate.ID == models.SuperAdminRole {
+	if user.PermissionTemplate.DashBoardAcls.FullAccess {
 		return nil
 	}
 	targetRsrc := r.Header.Get("TARGET_RSRC")
 	targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
-	if targetRsrc == "" || targetRsrcID == "" {
-		return errors.New("target rsrc or rsrc id is missing")
+	if targetRsrc == "" {
+		return errors.New("target rsrc is missing")
 	}
 	if r.Method == "" {
 		r.Method = http.MethodGet
@@ -87,6 +93,9 @@ func globalPermissionsCheck(username string, r *http.Request) error {
 		return checkPermissionScopeWithReqMethod(allRsrcsTypePermissionScope, r.Method)
 
 	}
+	if targetRsrcID == "" {
+		return errors.New("target rsrc id is missing")
+	}
 	if scope, ok := rsrcPermissionScope[models.RsrcID(targetRsrcID)]; ok {
 		return checkPermissionScopeWithReqMethod(scope, r.Method)
 	}