1 سال پیش · e90ad2634f
--- a/controllers/network.go
+++ b/controllers/network.go
@@ -58,13 +58,16 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
 
				 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				 		return
			
 
				 	}
			
 
				-	username := r.Header.Get("user")
			
 
				-	user, err := logic.GetUser(username)
			
 
				-	if err != nil {
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				-		return
			
 
				+	if r.Header.Get("ismaster") != "yes" {
			
 
				+		username := r.Header.Get("user")
			
 
				+		user, err := logic.GetUser(username)
			
 
				+		if err != nil {
			
 
				+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			
 
				+			return
			
 
				+		}
			
 
				+		allnetworks = logic.FilterNetworksByRole(allnetworks, *user)
			
 
				 	}
			
 
				-	allnetworks = logic.FilterNetworksByRole(allnetworks, *user)
			
 
				+
			
 
				 	logger.Log(2, r.Header.Get("user"), "fetched networks.")
			
 
				 	logic.SortNetworks(allnetworks[:])
			
 
				 	w.WriteHeader(http.StatusOK)
			
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -165,24 +165,27 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 
				 		return
			
 
				 	}
			
 
				 	callerUserName := r.Header.Get("user")
			
 
				-	caller, err := logic.GetUser(callerUserName)
			
 
				-	if err != nil {
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "notfound"))
			
 
				-		return
			
 
				-	}
			
 
				-	if inviteReq.PlatformRoleID == models.SuperAdminRole.String() {
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("super admin cannot be invited"), "badrequest"))
			
 
				-		return
			
 
				-	}
			
 
				-	if inviteReq.PlatformRoleID == "" {
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("platform role id cannot be empty"), "badrequest"))
			
 
				-		return
			
 
				-	}
			
 
				-	if (inviteReq.PlatformRoleID == models.AdminRole.String() ||
			
 
				-		inviteReq.PlatformRoleID == models.SuperAdminRole.String()) && caller.PlatformRoleID != models.SuperAdminRole {
			
 
				-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("only superadmin can invite admin users"), "forbidden"))
			
 
				-		return
			
 
				+	if r.Header.Get("ismaster") != "yes" {
			
 
				+		caller, err := logic.GetUser(callerUserName)
			
 
				+		if err != nil {
			
 
				+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "notfound"))
			
 
				+			return
			
 
				+		}
			
 
				+		if inviteReq.PlatformRoleID == models.SuperAdminRole.String() {
			
 
				+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("super admin cannot be invited"), "badrequest"))
			
 
				+			return
			
 
				+		}
			
 
				+		if inviteReq.PlatformRoleID == "" {
			
 
				+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("platform role id cannot be empty"), "badrequest"))
			
 
				+			return
			
 
				+		}
			
 
				+		if (inviteReq.PlatformRoleID == models.AdminRole.String() ||
			
 
				+			inviteReq.PlatformRoleID == models.SuperAdminRole.String()) && caller.PlatformRoleID != models.SuperAdminRole {
			
 
				+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("only superadmin can invite admin users"), "forbidden"))
			
 
				+			return
			
 
				+		}
			
 
				 	}
			
 
				+
			
 
				 	//validate Req
			
 
				 	err = proLogic.IsGroupsValid(inviteReq.UserGroups)
			
 
				 	if err != nil {