zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-08 02:06:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

add view only permissions for network users

Browse Source
This commit is contained in:
abhishek9686
2024-11-10 17:38:04 +04:00
parent 15bfcada65
commit 378bac7452
2 changed files with 62 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
models/user_mgmt.go
View File

@@ -80,7 +80,8 @@ const (
AllUserRsrcID RsrcID = "all_user" AllUserRsrcID RsrcID = "all_user"
AllDnsRsrcID RsrcID = "all_dns" AllDnsRsrcID RsrcID = "all_dns"
AllFailOverRsrcID RsrcID = "all_fail_over" AllFailOverRsrcID RsrcID = "all_fail_over"
AllAclsRsrcID RsrcID = "all_acls" AllAclsRsrcID RsrcID = "all_acl"
AllTagsRsrcID RsrcID = "all_tag"
) )
// Pre-Defined User Roles // Pre-Defined User Roles

60
pro/logic/user_mgmt.go
View File

@@ -60,6 +60,36 @@ var NetworkUserAllPermissionTemplate = models.UserRolePermissionTemplate{
SelfOnly: true, SelfOnly: true,
}, },
}, },
models.DnsRsrc: {
models.AllDnsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.AclRsrc: {
models.AllAclsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.EgressGwRsrc: {
models.AllEgressGwRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.InetGwRsrc: {
models.AllInetGwRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.RelayRsrc: {
models.AllRelayRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.TagRsrc: {
models.AllTagsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
}, },
} }
@@ -147,6 +177,36 @@ func CreateDefaultNetworkRolesAndGroups(netID models.NetworkID) {
SelfOnly: true, SelfOnly: true,
}, },
}, },
models.DnsRsrc: {
models.AllDnsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.AclRsrc: {
models.AllAclsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.EgressGwRsrc: {
models.AllEgressGwRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.InetGwRsrc: {
models.AllInetGwRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.RelayRsrc: {
models.AllRelayRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
models.TagRsrc: {
models.AllTagsRsrcID: models.RsrcPermissionScope{
Read: true,
},
},
}, },
} }
d, _ := json.Marshal(NetworkAdminPermissionTemplate) d, _ := json.Marshal(NetworkAdminPermissionTemplate)