extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-06-20 17:58:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

[management] network admin role (#3720)

Browse Source
This commit is contained in:
Pedro Maia Costa 2025-04-25 15:14:32 +01:00 committed by GitHub
parent 39483f8ca8
commit dbf81a145e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 97 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
management/server/permissions/roles/network_admin.go Normal file
View File

@ -0,0 +1,91 @@
package roles
import (
"github.com/netbirdio/netbird/management/server/permissions/modules"
"github.com/netbirdio/netbird/management/server/permissions/operations"
"github.com/netbirdio/netbird/management/server/types"
)
var NetworkAdmin = RolePermissions{
Role: types.UserRoleNetworkAdmin,
AutoAllowNew: map[operations.Operation]bool{
operations.Read: false,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
Permissions: Permissions{
modules.Networks: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Groups: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.Settings: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.Accounts: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.Dns: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Nameservers: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Events: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.Policies: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Routes: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
modules.Users: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.SetupKeys: {
operations.Read: true,
operations.Create: false,
operations.Update: false,
operations.Delete: false,
},
modules.Pats: {
operations.Read: true,
operations.Create: true,
operations.Update: true,
operations.Delete: true,
},
},
}

9
management/server/permissions/roles/role_permissions.go
View File

@ -15,8 +15,9 @@ type RolePermissions struct {
type Permissions map[modules.Module]map[operations.Operation]bool type Permissions map[modules.Module]map[operations.Operation]bool
var RolesMap = map[types.UserRole]RolePermissions{ var RolesMap = map[types.UserRole]RolePermissions{
types.UserRoleOwner: Owner, types.UserRoleOwner: Owner,
types.UserRoleAdmin: Admin, types.UserRoleAdmin: Admin,
types.UserRoleUser: User, types.UserRoleUser: User,
types.UserRoleAuditor: Auditor, types.UserRoleAuditor: Auditor,
types.UserRoleNetworkAdmin: NetworkAdmin,
} }

1
management/server/types/user.go
View File

@ -16,6 +16,7 @@ const (
UserRoleUnknown UserRole = "unknown" UserRoleUnknown UserRole = "unknown"
UserRoleBillingAdmin UserRole = "billing_admin" UserRoleBillingAdmin UserRole = "billing_admin"
UserRoleAuditor UserRole = "auditor" UserRoleAuditor UserRole = "auditor"
UserRoleNetworkAdmin UserRole = "network_admin"
UserStatusActive UserStatus = "active" UserStatusActive UserStatus = "active"
UserStatusDisabled UserStatus = "disabled" UserStatusDisabled UserStatus = "disabled"