Mirrors/wg-portal
1
0
Fork 0
mirror of https://github.com/h44z/wg-portal.git synced 2026-02-25 11:56:23 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Merge commit from fork

Browse Source
This commit is contained in:
h44z
2026-02-24 22:32:37 +01:00
committed by Christoph Haas
parent 6e47d8c3e9
commit fe4485037a
3 changed files with 79 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
internal/app/api/v0/backend/user_service.go
View File

@@ -53,6 +53,17 @@ func (u UserService) GetAllUsers(ctx context.Context) ([]domain.User, error) {
} }
func (u UserService) UpdateUser(ctx context.Context, user *domain.User) (*domain.User, error) { func (u UserService) UpdateUser(ctx context.Context, user *domain.User) (*domain.User, error) {
sessionUser := domain.GetUserInfo(ctx)
currentUser, err := u.users.GetUser(ctx, user.Identifier)
if err != nil {
return nil, err
}
// if this endpoint is used by non-admins, make sure that the user can only modify a specific subset of attributes
if !sessionUser.IsAdmin {
user.CopyAdminAttributes(currentUser, u.cfg.Advanced.ApiAdminOnly)
}
return u.users.UpdateUser(ctx, user) return u.users.UpdateUser(ctx, user)
} }

45
internal/app/users/user_manager.go
View File

@@ -352,8 +352,9 @@ func (m Manager) DeactivateApi(ctx context.Context, id domain.UserIdentifier) (*
func (m Manager) validateModifications(ctx context.Context, old, new *domain.User) error { func (m Manager) validateModifications(ctx context.Context, old, new *domain.User) error {
currentUser := domain.GetUserInfo(ctx) currentUser := domain.GetUserInfo(ctx)
if currentUser.Id != new.Identifier && !currentUser.IsAdmin { adminErrors := m.validateAdminModifications(ctx, old, new)
return fmt.Errorf("insufficient permissions") if adminErrors != nil {
return adminErrors
} }
if err := old.EditAllowed(new); err != nil && currentUser.Id != domain.SystemAdminContextUserInfo().Id { if err := old.EditAllowed(new); err != nil && currentUser.Id != domain.SystemAdminContextUserInfo().Id {
@@ -387,6 +388,42 @@ func (m Manager) validateModifications(ctx context.Context, old, new *domain.Use
return nil return nil
} }
func (m Manager) validateAdminModifications(ctx context.Context, old, new *domain.User) error {
currentUser := domain.GetUserInfo(ctx)
if currentUser.IsAdmin {
if currentUser.Id == old.Identifier && !new.IsAdmin {
return fmt.Errorf("cannot remove own admin rights: %w", domain.ErrInvalidData)
}
return nil // admins can do (almost) everything
}
// non-admins can only modify very their own profile data
if currentUser.Id != new.Identifier {
return fmt.Errorf("insufficient permissions: %w", domain.ErrInvalidData)
}
if new.IsAdmin {
return fmt.Errorf("cannot grant admin rights: %w", domain.ErrInvalidData)
}
if new.Notes != old.Notes {
return fmt.Errorf("cannot update notes: %w", domain.ErrInvalidData)
}
if old.Locked != new.Locked || old.LockedReason != new.LockedReason {
return fmt.Errorf("cannot change lock state: %w", domain.ErrInvalidData)
}
if old.Disabled != new.Disabled || old.DisabledReason != new.DisabledReason {
return fmt.Errorf("cannot change disabled state: %w", domain.ErrInvalidData)
}
return nil
}
func (m Manager) validateCreation(ctx context.Context, new *domain.User) error { func (m Manager) validateCreation(ctx context.Context, new *domain.User) error {
currentUser := domain.GetUserInfo(ctx) currentUser := domain.GetUserInfo(ctx)
@@ -453,6 +490,10 @@ func (m Manager) validateDeletion(ctx context.Context, del *domain.User) error {
func (m Manager) validateApiChange(ctx context.Context, user *domain.User) error { func (m Manager) validateApiChange(ctx context.Context, user *domain.User) error {
currentUser := domain.GetUserInfo(ctx) currentUser := domain.GetUserInfo(ctx)
if !currentUser.IsAdmin && m.cfg.Advanced.ApiAdminOnly {
return fmt.Errorf("insufficient permissions to change API access: %w", domain.ErrNoPermission)
}
if currentUser.Id != user.Identifier { if currentUser.Id != user.Identifier {
return fmt.Errorf("cannot change API access of user: %w", domain.ErrNoPermission) return fmt.Errorf("cannot change API access of user: %w", domain.ErrNoPermission)
} }

25
internal/domain/user.go
View File

@@ -185,6 +185,31 @@ func (u *User) CopyCalculatedAttributes(src *User) {
u.LinkedPeerCount = src.LinkedPeerCount u.LinkedPeerCount = src.LinkedPeerCount
} }
// CopyAdminAttributes copies all attributes from the given user except password, passkey and
// api-token if apiAdminOnly is false.
func (u *User) CopyAdminAttributes(src *User, apiAdminOnly bool) {
u.BaseModel = src.BaseModel
u.Identifier = src.Identifier
u.Email = src.Email
u.Source = src.Source
u.ProviderName = src.ProviderName
u.IsAdmin = src.IsAdmin
u.Firstname = src.Firstname
u.Lastname = src.Lastname
u.Phone = src.Phone
u.Department = src.Department
u.Notes = src.Notes
u.Disabled = src.Disabled
u.DisabledReason = src.DisabledReason
u.Locked = src.Locked
u.LockedReason = src.LockedReason
u.LinkedPeerCount = src.LinkedPeerCount
if apiAdminOnly {
u.ApiToken = src.ApiToken
u.ApiTokenCreated = src.ApiTokenCreated
}
}
// DisplayName returns the display name of the user. // DisplayName returns the display name of the user.
// The display name is the first and last name, or the email address of the user. // The display name is the first and last name, or the email address of the user.
// If none of these fields are set, the user identifier is returned. // If none of these fields are set, the user identifier is returned.