mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-24 13:13:13 -05:00
Implemented user group permission query in the web app.
This commit is contained in:
parent
6960608dca
commit
fdd43d62d3
@ -3425,37 +3425,63 @@
|
||||
//
|
||||
|
||||
// Get the right of a user on a given device group
|
||||
function GetMeshRights(mesh, user) {
|
||||
function GetMeshRights(mesh, userid) {
|
||||
if (mesh == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof mesh == 'string') { mesh = meshes[mesh] }
|
||||
if ((mesh == null) || (mesh.links == null)) { return 0; }
|
||||
var rights = mesh.links[user];
|
||||
if (rights == null) { return 0; }
|
||||
return rights.rights;
|
||||
|
||||
// Check direct link permission
|
||||
var rights = 0, r = mesh.links[userid];
|
||||
if (r != null) {
|
||||
rights = r.rights;
|
||||
if (rights == 0xFFFFFFFF) { return rights; } // User has full rights thru a direct link, stop here.
|
||||
}
|
||||
|
||||
// Check permissions thru user groups
|
||||
var user = null;
|
||||
if (userid == userinfo._id) { user = userinfo; } else { if (users != null) { user = users[userid]; } }
|
||||
if (user != null) {
|
||||
for (var i in user.links) {
|
||||
if (i.startsWith('ugrp/')) {
|
||||
r = mesh.links[i];
|
||||
if (r != null) {
|
||||
if (r.rights == 0xFFFFFFFF) { return r.rights; } // User has full rights thru a user group, stop here.
|
||||
rights |= r.rights; // TODO: Deal with reverse permissions
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return rights;
|
||||
}
|
||||
|
||||
// Returns true if the user can view the given device group
|
||||
function IsMeshViewable(mesh, user) {
|
||||
if (mesh == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
function IsMeshViewable(mesh, userid) {
|
||||
if (mesh == null) { return false; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof mesh == 'string') { mesh = meshes[mesh] }
|
||||
if ((mesh == null) || (mesh.links == null)) { return false; }
|
||||
var rights = mesh.links[user];
|
||||
if (rights == null) { return false; }
|
||||
return true;
|
||||
if (mesh.links[userid] != null) { return true; } // User has visilibity thru a direct link
|
||||
|
||||
// Check permissions thru user groups
|
||||
var user = null;
|
||||
if (userid == userinfo._id) { user = userinfo; } else { if (users != null) { user = users[userid]; } }
|
||||
if (user != null) {
|
||||
for (var i in user.links) {
|
||||
if ((i.startsWith('ugrp/')) && (mesh.links[i] != null)) { return true; } // User has visilibity thru a user group
|
||||
}
|
||||
}
|
||||
|
||||
return rights;
|
||||
}
|
||||
|
||||
// Return the user rights for a given node
|
||||
function GetNodeRights(node, user) {
|
||||
function GetNodeRights(node, userid) {
|
||||
if (node == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof node == 'string') { node = getNodeFromId(node); if (node == null) { return 0; } }
|
||||
var mesh = meshes[node.meshid];
|
||||
if ((mesh == null) || (mesh.links == null)) { return 0; }
|
||||
var meshlinks = mesh.links[user];
|
||||
if (meshlinks == null) { return 0; }
|
||||
return meshlinks.rights;
|
||||
return GetMeshRights(node.meshid, userid);
|
||||
}
|
||||
|
||||
//
|
||||
|
@ -10539,37 +10539,63 @@
|
||||
//
|
||||
|
||||
// Get the right of a user on a given device group
|
||||
function GetMeshRights(mesh, user) {
|
||||
function GetMeshRights(mesh, userid) {
|
||||
if (mesh == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof mesh == 'string') { mesh = meshes[mesh] }
|
||||
if ((mesh == null) || (mesh.links == null)) { return 0; }
|
||||
var rights = mesh.links[user];
|
||||
if (rights == null) { return 0; }
|
||||
return rights.rights;
|
||||
|
||||
// Check direct link permission
|
||||
var rights = 0, r = mesh.links[userid];
|
||||
if (r != null) {
|
||||
rights = r.rights;
|
||||
if (rights == 0xFFFFFFFF) { return rights; } // User has full rights thru a direct link, stop here.
|
||||
}
|
||||
|
||||
// Check permissions thru user groups
|
||||
var user = null;
|
||||
if (userid == userinfo._id) { user = userinfo; } else { if (users != null) { user = users[userid]; } }
|
||||
if (user != null) {
|
||||
for (var i in user.links) {
|
||||
if (i.startsWith('ugrp/')) {
|
||||
r = mesh.links[i];
|
||||
if (r != null) {
|
||||
if (r.rights == 0xFFFFFFFF) { return r.rights; } // User has full rights thru a user group, stop here.
|
||||
rights |= r.rights; // TODO: Deal with reverse permissions
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return rights;
|
||||
}
|
||||
|
||||
// Returns true if the user can view the given device group
|
||||
function IsMeshViewable(mesh, user) {
|
||||
if (mesh == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
function IsMeshViewable(mesh, userid) {
|
||||
if (mesh == null) { return false; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof mesh == 'string') { mesh = meshes[mesh] }
|
||||
if ((mesh == null) || (mesh.links == null)) { return false; }
|
||||
var rights = mesh.links[user];
|
||||
if (rights == null) { return false; }
|
||||
return true;
|
||||
if (mesh.links[userid] != null) { return true; } // User has visilibity thru a direct link
|
||||
|
||||
// Check permissions thru user groups
|
||||
var user = null;
|
||||
if (userid == userinfo._id) { user = userinfo; } else { if (users != null) { user = users[userid]; } }
|
||||
if (user != null) {
|
||||
for (var i in user.links) {
|
||||
if ((i.startsWith('ugrp/')) && (mesh.links[i] != null)) { return true; } // User has visilibity thru a user group
|
||||
}
|
||||
}
|
||||
|
||||
return rights;
|
||||
}
|
||||
|
||||
// Return the user rights for a given node
|
||||
function GetNodeRights(node, user) {
|
||||
function GetNodeRights(node, userid) {
|
||||
if (node == null) { return 0; }
|
||||
if (user == null) { user = userinfo._id; }
|
||||
if (userid == null) { userid = userinfo._id; }
|
||||
if (typeof node == 'string') { node = getNodeFromId(node); if (node == null) { return 0; } }
|
||||
var mesh = meshes[node.meshid];
|
||||
if ((mesh == null) || (mesh.links == null)) { return 0; }
|
||||
var meshlinks = mesh.links[user];
|
||||
if (meshlinks == null) { return 0; }
|
||||
return meshlinks.rights;
|
||||
return GetMeshRights(node.meshid, userid);
|
||||
}
|
||||
|
||||
//
|
||||
|
11
webserver.js
11
webserver.js
@ -4025,14 +4025,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
} else return 0;
|
||||
|
||||
// Check direct user to device group permissions
|
||||
var rights = 0;
|
||||
r = user.links[meshid];
|
||||
if ((r != null) && (r.rights == 0xFFFFFFFF)) { return r.rights; } // If the user has full access thru direct link, stop here.
|
||||
var rights = r.rights;
|
||||
if (r != null) {
|
||||
var rights = r.rights;
|
||||
if (rights == 0xFFFFFFFF) { return rights; } // If the user has full access thru direct link, stop here.
|
||||
}
|
||||
|
||||
// Check if we are part of any user groups that would give this user more access.
|
||||
for (var i in user.links) {
|
||||
if (i.startsWith('ugrp')) {
|
||||
const g = obj.usersGroups[i];
|
||||
const g = obj.userGroups[i];
|
||||
if (g) {
|
||||
r = g.links[meshid];
|
||||
if (r != null) {
|
||||
@ -4068,7 +4071,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Check if we are part of any user groups that would give this user visibility to this device group.
|
||||
for (var i in user.links) {
|
||||
if (i.startsWith('ugrp')) {
|
||||
const g = obj.usersGroups[i];
|
||||
const g = obj.userGroups[i];
|
||||
if (g && (g.links[meshid] != null)) { return true; } // If the user has a user group link, stop here.
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user