Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

rework user and admin profiles

Browse Source 
users and admins can now also update their email and description
This commit is contained in:
Nicola Murino
2021-09-29 18:46:15 +02:00
parent af8fa7ff81
commit ba1febba73
25 changed files with 1038 additions and 798 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
httpd/api_http_user.go
View File

@@ -349,7 +349,7 @@ func setUserPublicKeys(w http.ResponseWriter, r *http.Request) {
sendAPIResponse(w, r, err, "Public keys updated", http.StatusOK)
}
func getUserAPIKeyAuthStatus(w http.ResponseWriter, r *http.Request) {
func getUserProfile(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
claims, err := getTokenClaims(r)
if err != nil || claims.Username == "" {
@@ -361,20 +361,25 @@ func getUserAPIKeyAuthStatus(w http.ResponseWriter, r *http.Request) {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
resp := apiKeyAuth{
AllowAPIKeyAuth: user.Filters.AllowAPIKeyAuth,
resp := userProfile{
baseProfile: baseProfile{
Email: user.Email,
Description: user.Description,
AllowAPIKeyAuth: user.Filters.AllowAPIKeyAuth,
},
PublicKeys: user.PublicKeys,
}
render.JSON(w, r, resp)
}
func changeUserAPIKeyAuthStatus(w http.ResponseWriter, r *http.Request) {
func updateUserProfile(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
claims, err := getTokenClaims(r)
if err != nil || claims.Username == "" {
sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
return
}
var req apiKeyAuth
var req userProfile
err = render.DecodeJSON(r.Body, &req)
if err != nil {
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
@@ -385,12 +390,25 @@ func changeUserAPIKeyAuthStatus(w http.ResponseWriter, r *http.Request) {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
user.Filters.AllowAPIKeyAuth = req.AllowAPIKeyAuth
if !user.CanManagePublicKeys() && !user.CanChangeAPIKeyAuth() && !user.CanChangeInfo() {
sendAPIResponse(w, r, nil, "You are not allowed to change anything", http.StatusForbidden)
return
}
if user.CanManagePublicKeys() {
user.PublicKeys = req.PublicKeys
}
if user.CanChangeAPIKeyAuth() {
user.Filters.AllowAPIKeyAuth = req.AllowAPIKeyAuth
}
if user.CanChangeInfo() {
user.Email = req.Email
user.Description = req.Description
}
if err := dataprovider.UpdateUser(&user); err != nil {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
sendAPIResponse(w, r, err, "API key authentication status updated", http.StatusOK)
sendAPIResponse(w, r, err, "Profile updated", http.StatusOK)
}
func changeUserPassword(w http.ResponseWriter, r *http.Request) {