extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-07-01 07:00:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

add owner role support (#1340)

Browse Source 
This PR adds support to Owner roles.

The owner role has a similar access level as the admin, but it has the power to delete the account.

Besides that, the role has the following constraints:

- The role can only be transferred. So, only a user with the owner role can transfer the owner role to a new user
- It can't be assigned to users being invited
- It can't be assigned to service users
This commit is contained in:
Maycon Santos
2023-12-01 17:24:57 +01:00
committed by GitHub
parent b8c46e2654
commit d7efea74b6
15 changed files with 397 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
management/server/policy.go
View File

@ -319,8 +319,8 @@ func (am *DefaultAccountManager) GetPolicy(accountID, policyID, userID string) (
return nil, err
}
if !user.IsAdmin() {
return nil, status.Errorf(status.PermissionDenied, "only admins are allowed to view policies")
if !user.HasAdminPower() {
return nil, status.Errorf(status.PermissionDenied, "only users with admin power are allowed to view policies")
}
for _, policy := range account.Policies {
@ -402,8 +402,8 @@ func (am *DefaultAccountManager) ListPolicies(accountID, userID string) ([]*Poli
return nil, err
}
if !user.IsAdmin() {
return nil, status.Errorf(status.PermissionDenied, "Only Administrators can view policies")
if !user.HasAdminPower() {
return nil, status.Errorf(status.PermissionDenied, "only users with admin power can view policies")
}
return account.Policies, nil