mirror of
https://github.com/netbirdio/netbird.git
synced 2025-08-16 18:11:58 +02:00
[management] limit peers based on module read permission (#3757)
This commit is contained in:
@ -49,20 +49,9 @@ func (am *DefaultAccountManager) GetPeers(ctx context.Context, accountID, userID
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
peers := make([]*nbpeer.Peer, 0)
|
// @note if the user has permission to read peers it shows all account peers
|
||||||
peersMap := make(map[string]*nbpeer.Peer)
|
|
||||||
|
|
||||||
for _, peer := range accountPeers {
|
|
||||||
if user.IsRegularUser() && user.Id != peer.UserID {
|
|
||||||
// only display peers that belong to the current user if the current user is not an admin
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
peers = append(peers, peer)
|
|
||||||
peersMap[peer.ID] = peer
|
|
||||||
}
|
|
||||||
|
|
||||||
if allowed {
|
if allowed {
|
||||||
return peers, nil
|
return accountPeers, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
settings, err := am.Store.GetAccountSettings(ctx, store.LockingStrengthShare, accountID)
|
settings, err := am.Store.GetAccountSettings(ctx, store.LockingStrengthShare, accountID)
|
||||||
@ -74,6 +63,18 @@ func (am *DefaultAccountManager) GetPeers(ctx context.Context, accountID, userID
|
|||||||
return []*nbpeer.Peer{}, nil
|
return []*nbpeer.Peer{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// @note if it does not have permission read peers then only display it's own peers
|
||||||
|
peers := make([]*nbpeer.Peer, 0)
|
||||||
|
peersMap := make(map[string]*nbpeer.Peer)
|
||||||
|
|
||||||
|
for _, peer := range accountPeers {
|
||||||
|
if user.Id != peer.UserID {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
peers = append(peers, peer)
|
||||||
|
peersMap[peer.ID] = peer
|
||||||
|
}
|
||||||
|
|
||||||
return am.getUserAccessiblePeers(ctx, accountID, peersMap, peers)
|
return am.getUserAccessiblePeers(ctx, accountID, peersMap, peers)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user