ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2025-07-23 04:51:39 +02:00
Code Issues Packages Releases Activity

filter taglist scope visibility by role, add global tag handling to support role

Browse Source
This commit is contained in:
Christoph Kluge
2024-10-09 13:23:06 +02:00
parent bc434ee8cb
commit e3104c61cb
3 changed files with 46 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/repository/tags.go
View File

@@ -309,7 +309,7 @@ func (r *JobRepository) checkScopeAuth(ctx context.Context, operation string, sc
}
return false, nil
case operation == "write" && scope == "global":
if user.HasRole(schema.RoleAdmin) || (len(user.Roles) == 1 && user.HasRole(schema.RoleApi)) {
if user.HasAnyRole([]schema.Role{schema.RoleAdmin, schema.RoleSupport}) || (len(user.Roles) == 1 && user.HasRole(schema.RoleApi)) {
return true, nil
}
return false, nil