SVI/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-06-08 08:22:22 -04:00
Code Issues 3.0k Packages Projects Releases 10 Wiki Activity

Merge branch 'main' into feature/users-roles-endpoint

Browse Source 
# Conflicts:
#	management/server/http/handlers/users/users_handler.go
#	management/server/permissions/manager.go
#	management/server/permissions/manager_mock.go
This commit is contained in:
Pedro Costa
2025-05-01 11:29:10 +01:00
parent 5337fc15db 7b64953eed
commit 2b88961b6b
2 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
management/server/permissions/roles/network_admin.go
View File

@@ -23,9 +23,9 @@ var NetworkAdmin = RolePermissions{
},
modules.Groups: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Settings: {
operations.Read: true,
@@ -87,5 +87,11 @@ var NetworkAdmin = RolePermissions{
operations.Update: true,
operations.Delete: true,
},
modules.Peers: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
},
}

1
management/server/user.go
View File

@@ -357,6 +357,7 @@ func (am *DefaultAccountManager) CreatePAT(ctx context.Context, accountID string
return nil, err
}
// @note this is essential to prevent non admin users with Pats create permission frpm creating one for a service user
if initiatorUserID != targetUserID && !(initiatorUser.HasAdminPower() && targetUser.IsServiceUser) {
return nil, status.NewAdminPermissionError()
}