|
|
@@ -62,6 +62,21 @@ func authenticateUser(response http.ResponseWriter, request *http.Request) {
|
|
|
return
|
|
|
}
|
|
|
|
|
|
+ if val := request.Header.Get("from-ui"); val == "true" {
|
|
|
+ // request came from UI, if normal user block Login
|
|
|
+ user, err := logic.GetUser(authRequest.UserName)
|
|
|
+ if err != nil {
|
|
|
+ logger.Log(0, authRequest.UserName, "user validation failed: ",
|
|
|
+ err.Error())
|
|
|
+ logic.ReturnErrorResponse(response, request, logic.FormatError(err, "unauthorized"))
|
|
|
+ return
|
|
|
+ }
|
|
|
+ if !(user.IsAdmin || user.IsSuperAdmin) {
|
|
|
+ logic.ReturnErrorResponse(response, request, logic.FormatError(errors.New("only admins can access dashboard"), "unauthorized"))
|
|
|
+ return
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
decoder := json.NewDecoder(request.Body)
|
|
|
decoderErr := decoder.Decode(&authRequest)
|
|
|
defer request.Body.Close()
|
|
|
@@ -119,7 +134,7 @@ func authenticateUser(response http.ResponseWriter, request *http.Request) {
|
|
|
if client.OwnerID == username && !client.Enabled {
|
|
|
slog.Info(fmt.Sprintf("enabling ext client %s for user %s due to RAC autodisabling feature", client.ClientID, client.OwnerID))
|
|
|
if newClient, err := logic.ToggleExtClientConnectivity(&client, true); err != nil {
|
|
|
- slog.Error("error disabling ext client in RAC autodisable hook", "error", err)
|
|
|
+ slog.Error("error enabling ext client in RAC autodisable hook", "error", err)
|
|
|
continue // dont return but try for other clients
|
|
|
} else {
|
|
|
// publish peer update to ingress gateway
|
Abhishek Kondur