Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

update create user handler with new role mgmt

abhishek9686 1 year ago
parent
b75c0e89ee
commit
adec4c491a
2 changed files with 23 additions and 6 deletions
Unified View Show Diff Stats
  1. 22 6
      controllers/user.go
  2. 1 0
      logic/auth.go

+ 22 - 6
controllers/user.go
View File 

@@ -652,7 +652,12 @@ func createUser(w http.ResponseWriter, r *http.Request) {
 
 	w.Header().Set("Content-Type", "application/json")
 
 	w.Header().Set("Content-Type", "application/json")
 
 	caller, err := logic.GetUser(r.Header.Get("user"))
 
 	caller, err := logic.GetUser(r.Header.Get("user"))
 
 	if err != nil {
 
 	if err != nil {
 
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
+		return
 
+	}
 
+	callerUserRole, err := logic.GetRole(caller.PlatformRoleID)
 
+	if err != nil {
 
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 		return
 
 		return
 
 	}
 
 	}
 
 	var user models.User
 
 	var user models.User
 
@@ -677,23 +682,34 @@ func createUser(w http.ResponseWriter, r *http.Request) {
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 		return
 
 		return
 
 	}
 
 	}
 
-	if !caller.IsSuperAdmin && user.IsAdmin {
 
-		err = errors.New("only superadmin can create admin users")
 
+	userRole, err := logic.GetRole(user.PlatformRoleID)
 
+	if err != nil {
 
+		err = errors.New("error fetching role " + user.PlatformRoleID.String() + " " + err.Error())
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err)
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err)
 
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
 
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 
 		return
 
 		return
 
 	}
 
 	}
 
-	if user.IsSuperAdmin {
 
+	if userRole.ID == models.SuperAdminRole {
 
 		err = errors.New("additional superadmins cannot be created")
 
 		err = errors.New("additional superadmins cannot be created")
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err)
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err)
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
 
 		return
 
 		return
 
 	}
 
 	}
 
+
 
+	if callerUserRole.ID != models.SuperAdminRole && user.IsAdmin {
 
+		err = errors.New("only superadmin can create admin users")
 
+		slog.Error("error creating new user: ", "user", user.UserName, "error", err)
 
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "forbidden"))
 
+		return
 
+	}
 
+
 
 	if !servercfg.IsPro && !user.IsAdmin {
 
 	if !servercfg.IsPro && !user.IsAdmin {
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("non-admins users can only be created on Pro version"), "forbidden"))
 
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("non-admins users can only be created on Pro version"), "forbidden"))
 
 		return
 
 		return
 
 	}
 
 	}
 
-
 
+	if userRole.ID == models.AdminRole {
 
+		user.IsAdmin = true
 
+	}
 
 	err = logic.CreateUser(&user)
 
 	err = logic.CreateUser(&user)
 
 	if err != nil {
 
 	if err != nil {
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err.Error())
 
 		slog.Error("error creating new user: ", "user", user.UserName, "error", err.Error())

+ 1 - 0
logic/auth.go
View File 

@@ -146,6 +146,7 @@ func CreateSuperAdmin(u *models.User) error {
 
 	if hassuperadmin {
 
 	if hassuperadmin {
 
 		return errors.New("superadmin user already exists")
 
 		return errors.New("superadmin user already exists")
 
 	}
 
 	}
 
+	u.PlatformRoleID = models.SuperAdminRole
 
 	u.IsSuperAdmin = true
 
 	u.IsSuperAdmin = true
 
 	u.IsAdmin = false
 
 	u.IsAdmin = false
 
 	return CreateUser(u)
 
 	return CreateUser(u)