sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-26 04:06:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

[management] permission manager validate account access

Browse Source
This commit is contained in:
Pedro Costa
2025-03-05 16:55:44 +00:00
parent 9325fb7990
commit f9f47b0ad8
25 changed files with 267 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
management/server/route.go
View File

@@ -25,7 +25,11 @@ func (am *DefaultAccountManager) GetRoute(ctx context.Context, accountID string,
return nil, err
}
if !user.IsAdminOrServiceUser() || user.AccountID != accountID {
if err := am.permissionsManager.ValidateAccountAccess(ctx, accountID, user); err != nil {
return nil, err
}
if !user.IsAdminOrServiceUser() {
return nil, status.Errorf(status.PermissionDenied, "only users with admin power can view Network Routes")
}
@@ -342,7 +346,11 @@ func (am *DefaultAccountManager) ListRoutes(ctx context.Context, accountID, user
return nil, err
}
if !user.IsAdminOrServiceUser() || user.AccountID != accountID {
if err := am.permissionsManager.ValidateAccountAccess(ctx, accountID, user); err != nil {
return nil, err
}
if !user.IsAdminOrServiceUser() {
return nil, status.Errorf(status.PermissionDenied, "only users with admin power can view Network Routes")
}