Support user role update (#478)

2025-02-16 10:20:09 +01:00 · 2022-09-23 14:18:42 +02:00 · 2022-09-23 14:18:42 +02:00 · af69a48745
commit af69a48745
parent 68ff97ba84
4 changed files with 31 additions and 7 deletions
--- a/management/server/http/api/openapi.yml
+++ b/management/server/http/api/openapi.yml
@ -47,16 +47,16 @@ components:
    UserRequest:
      type: object
      properties:
+        role:
+          description: User's NetBird account role
+          type: string
        auto_groups:
          description: Groups to auto-assign to peers registered by this user
          type: array
          items:
            type: string
      required:
-        - name
-        - type
-        - expires_in
-        - revoked
+        - role
        - auto_groups
    PeerMinimum:
      type: object
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@ -376,6 +376,9 @@ type User struct {
 type UserRequest struct {
 	// Groups to auto-assign to peers registered by this user
 	AutoGroups []string `json:"auto_groups"`
+
+	// User's NetBird account role
+	Role string `json:"role"`
 }

 // PostApiGroupsJSONBody defines parameters for PostApiGroups.
--- a/management/server/http/users.go
+++ b/management/server/http/users.go
@ -45,7 +45,7 @@ func (h *UserHandler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	userID := vars["id"]
 	if len(userID) == 0 {
-		http.Error(w, "invalid key Id", http.StatusBadRequest)
+		http.Error(w, "invalid user ID", http.StatusBadRequest)
 		return
 	}

@ -56,8 +56,15 @@ func (h *UserHandler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	userRole := server.StrRoleToUserRole(req.Role)
+	if userRole == server.UserRoleUnknown {
+		http.Error(w, "invalid user role", http.StatusBadRequest)
+		return
+	}
+
 	newUser, err := h.accountManager.SaveUser(account.Id, &server.User{
 		Id:         userID,
+		Role:       userRole,
 		AutoGroups: req.AutoGroups,
 	})
 	if err != nil {
--- a/management/server/user.go
+++ b/management/server/user.go
@ -11,10 +11,23 @@ import (
 )

 const (
-	UserRoleAdmin UserRole = "admin"
-	UserRoleUser  UserRole = "user"
+	UserRoleAdmin   UserRole = "admin"
+	UserRoleUser    UserRole = "user"
+	UserRoleUnknown UserRole = "unknown"
 )

+// StrRoleToUserRole returns UserRole for a given strRole or UserRoleUnknown if the specified role is unknown
+func StrRoleToUserRole(strRole string) UserRole {
+	switch strings.ToLower(strRole) {
+	case "admin":
+		return UserRoleAdmin
+	case "user":
+		return UserRoleUser
+	default:
+		return UserRoleUnknown
+	}
+}
+
 // UserRole is the role of the User
 type UserRole string

@ -116,6 +129,7 @@ func (am *DefaultAccountManager) SaveUser(accountID string, update *User) (*User
 	// only auto groups, revoked status, and name can be updated for now
 	newUser := oldUser.Copy()
 	newUser.AutoGroups = update.AutoGroups
+	newUser.Role = update.Role

 	account.Users[newUser.Id] = newUser