extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-08-18 02:50:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

add owner role support (#1340)

Browse Source 
This PR adds support to Owner roles.

The owner role has a similar access level as the admin, but it has the power to delete the account.

Besides that, the role has the following constraints:

- The role can only be transferred. So, only a user with the owner role can transfer the owner role to a new user
- It can't be assigned to users being invited
- It can't be assigned to service users
This commit is contained in:
Maycon Santos
2023-12-01 17:24:57 +01:00
committed by GitHub
parent b8c46e2654
commit d7efea74b6
15 changed files with 397 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
management/server/account.go
View File

@@ -877,7 +877,7 @@ func (am *DefaultAccountManager) UpdateAccountSettings(accountID, userID string,
return nil, err
}
if !user.IsAdmin() {
if !user.HasAdminPower() {
return nil, status.Errorf(status.PermissionDenied, "user is not allowed to update account")
}
@@ -1019,7 +1019,7 @@ func (am *DefaultAccountManager) DeleteAccount(accountID, userID string) error {
return err
}
if !user.IsAdmin() {
if !user.HasAdminPower() {
return status.Errorf(status.PermissionDenied, "user is not allowed to delete account")
}
@@ -1703,7 +1703,7 @@ func newAccountWithId(accountID, userID, domain string) *Account {
routes := make(map[string]*route.Route)
setupKeys := map[string]*SetupKey{}
nameServersGroups := make(map[string]*nbdns.NameServerGroup)
users[userID] = NewAdminUser(userID)
users[userID] = NewOwnerUser(userID)
dnsSettings := DNSSettings{
DisabledManagementGroups: make([]string, 0),
}