Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-08 15:28:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

don't allow admins to change their own permissions

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2024-11-09 20:33:03 +01:00
parent 5c163ed592
commit 65e8e2c1d4
7 changed files with 24 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
internal/httpd/auth_utils.go
View File

@@ -211,19 +211,6 @@ func (c *jwtTokenClaims) Decode(token map[string]any) {
}
}
func (c *jwtTokenClaims) isCriticalPermRemoved(permissions []string) bool {
if util.Contains(permissions, dataprovider.PermAdminAny) {
return false
}
if (util.Contains(c.Permissions, dataprovider.PermAdminManageAdmins) ||
util.Contains(c.Permissions, dataprovider.PermAdminAny)) &&
!util.Contains(permissions, dataprovider.PermAdminManageAdmins) &&
!util.Contains(permissions, dataprovider.PermAdminAny) {
return true
}
return false
}
func (c *jwtTokenClaims) hasPerm(perm string) bool {
if util.Contains(c.Permissions, dataprovider.PermAdminAny) {
return true