mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-31 04:06:37 +08:00
719e0c254d
* add superadmin role, apis to create superadmin user * apis to attach and remove user from remote access gateways * add api to list user's remote client has gateway clients * remove code related user groups * remove networks and groups from user model * refactor user CRUD operations * fix network permission test * add superadmin to authorize func * remove user network and groups from cli * api to transfer superadmin role * add api to list users on a ingress gw * restrict user access to resources on server * deny request from remote access client if extclient is already created * fix user tests * fix static checks * fix static checks * add limits to extclient create handler * set username to superadmin on if masterkey is used * allow creation of extclients using masterkey * add migration func to assign superadmin role for existing admin user * check for superadmin on migration if users are present * allowe masterkey to extcleint apis * check ownerid * format error, on jwt token verification failure return unauthorized rather than forbidden * user update fix * move user remote functionality to ee * fix update user api * security patch * initalise ee user handlers * allow user to use master key to update any user * use slog * fix auth user test * table headers * remove user role, it's covered in middleware * setuser defaults fix
78 lines
1.8 KiB
Go
78 lines
1.8 KiB
Go
package logic
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"sort"
|
|
|
|
"github.com/gravitl/netmaker/database"
|
|
"github.com/gravitl/netmaker/models"
|
|
)
|
|
|
|
// GetUser - gets a user
|
|
// TODO support "masteradmin"
|
|
func GetUser(username string) (*models.User, error) {
|
|
|
|
var user models.User
|
|
record, err := database.FetchRecord(database.USERS_TABLE_NAME, username)
|
|
if err != nil {
|
|
return &user, err
|
|
}
|
|
if err = json.Unmarshal([]byte(record), &user); err != nil {
|
|
return &models.User{}, err
|
|
}
|
|
return &user, err
|
|
}
|
|
|
|
// GetReturnUser - gets a user
|
|
func GetReturnUser(username string) (models.ReturnUser, error) {
|
|
|
|
var user models.ReturnUser
|
|
record, err := database.FetchRecord(database.USERS_TABLE_NAME, username)
|
|
if err != nil {
|
|
return user, err
|
|
}
|
|
if err = json.Unmarshal([]byte(record), &user); err != nil {
|
|
return models.ReturnUser{}, err
|
|
}
|
|
return user, err
|
|
}
|
|
|
|
// ToReturnUser - gets a user as a return user
|
|
func ToReturnUser(user models.User) models.ReturnUser {
|
|
return models.ReturnUser{
|
|
UserName: user.UserName,
|
|
IsSuperAdmin: user.IsSuperAdmin,
|
|
IsAdmin: user.IsAdmin,
|
|
RemoteGwIDs: user.RemoteGwIDs,
|
|
}
|
|
}
|
|
|
|
// SetUserDefaults - sets the defaults of a user to avoid empty fields
|
|
func SetUserDefaults(user *models.User) {
|
|
if user.RemoteGwIDs == nil {
|
|
user.RemoteGwIDs = make(map[string]struct{})
|
|
}
|
|
}
|
|
|
|
// SortUsers - Sorts slice of Users by username
|
|
func SortUsers(unsortedUsers []models.ReturnUser) {
|
|
sort.Slice(unsortedUsers, func(i, j int) bool {
|
|
return unsortedUsers[i].UserName < unsortedUsers[j].UserName
|
|
})
|
|
}
|
|
|
|
// GetSuperAdmin - fetches superadmin user
|
|
func GetSuperAdmin() (models.ReturnUser, error) {
|
|
users, err := GetUsers()
|
|
if err != nil {
|
|
return models.ReturnUser{}, err
|
|
}
|
|
for _, user := range users {
|
|
if user.IsSuperAdmin {
|
|
return user, nil
|
|
}
|
|
}
|
|
return models.ReturnUser{}, errors.New("superadmin not found")
|
|
}
|