scottk/wlan-cloud-owprov
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-owprov.git synced 2025-11-02 11:37:54 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Fix: https://telecominfraproject.atlassian.net/browse/WIFI-8004

Browse Source
This commit is contained in:
stephb9959
2022-05-19 16:22:06 -07:00
parent 4abec884bf
commit 744b6c4b2a
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/RESTAPI/RESTAPI_map_handler.cpp
View File

@@ -34,7 +34,9 @@ namespace OpenWifi{
return NotFound();
}
if(UserInfo_.userinfo.id!=Existing.creator) {
if( UserInfo_.userinfo.userRole!=SecurityObjects::ROOT &&
UserInfo_.userinfo.userRole!=SecurityObjects::ADMIN &&
UserInfo_.userinfo.id!=Existing.creator) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
@@ -111,17 +113,31 @@ namespace OpenWifi{
return BadRequest( RESTAPI::Errors::NameMustBeSet);
}
if(Existing.creator != UserInfo_.userinfo.id) {
if( UserInfo_.userinfo.userRole!=SecurityObjects::ROOT &&
UserInfo_.userinfo.userRole!=SecurityObjects::ADMIN &&
UserInfo_.userinfo.id!=Existing.creator) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
if( UserInfo_.userinfo.userRole==SecurityObjects::ROOT ||
UserInfo_.userinfo.userRole==SecurityObjects::ADMIN) {
} else if(Existing.creator != UserInfo_.userinfo.id) {
if(Existing.visibility == "private") {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
if(Existing.visibility == "select") {
bool allowed=false;
for(const auto &i:Existing.access.list) {
for(const auto &j:i.users.list) {
if(j==UserInfo_.userinfo.id) {
allowed=true;
}
}
}
if(!allowed) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
}
}