|
|
@@ -164,6 +164,21 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
|
|
|
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
|
|
|
return
|
|
|
}
|
|
|
+ callerUserName := r.Header.Get("user")
|
|
|
+ caller, err := logic.GetUser(callerUserName)
|
|
|
+ if err != nil {
|
|
|
+ logic.ReturnErrorResponse(w, r, logic.FormatError(err, "notfound"))
|
|
|
+ return
|
|
|
+ }
|
|
|
+ if inviteReq.PlatformRoleID == models.SuperAdminRole.String() {
|
|
|
+ logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("super admin cannot be invited"), "badrequest"))
|
|
|
+ return
|
|
|
+ }
|
|
|
+ if (inviteReq.PlatformRoleID == models.AdminRole.String() ||
|
|
|
+ inviteReq.PlatformRoleID == models.SuperAdminRole.String()) && caller.PlatformRoleID != models.SuperAdminRole {
|
|
|
+ logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("only superadmin can invite admin users"), "forbidden"))
|
|
|
+ return
|
|
|
+ }
|
|
|
//validate Req
|
|
|
err = proLogic.IsGroupsValid(inviteReq.UserGroups)
|
|
|
if err != nil {
|
abhishek9686