forked from Telodendria/Telodendria
Add admin privilege to manage room aliases.
This commit is contained in:
parent
69d28f39d1
commit
bc71a7ec01
5 changed files with 14 additions and 4 deletions
2
TODO.txt
2
TODO.txt
|
@ -61,7 +61,7 @@ Milestone: v0.4.0
|
||||||
[ ] Finish RouteAliasDirectory
|
[ ] Finish RouteAliasDirectory
|
||||||
[ ] Add "id" objects when putting aliases
|
[ ] Add "id" objects when putting aliases
|
||||||
[ ] Delete from "id" when deleting alias
|
[ ] Delete from "id" when deleting alias
|
||||||
[ ] Add alias admin privilege to allow admins to manage aliases
|
[x] Add alias admin privilege to allow admins to manage aliases
|
||||||
|
|
||||||
Milestone: v0.5.0
|
Milestone: v0.5.0
|
||||||
-----------------
|
-----------------
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
.Dd $Mdocdate: April 20 2023 $
|
.Dd $Mdocdate: August 9 2023 $
|
||||||
.Dt TELODENDRIA-ADMIN 7
|
.Dt TELODENDRIA-ADMIN 7
|
||||||
.Os Telodendria Project
|
.Os Telodendria Project
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -32,6 +32,10 @@ Allows a user to modify the Telodendria server daemon's configuration.
|
||||||
.It Dv GRANT_PRIVILEGES
|
.It Dv GRANT_PRIVILEGES
|
||||||
Allows a user to modify his or her own privileges or the privileges of other
|
Allows a user to modify his or her own privileges or the privileges of other
|
||||||
local users.
|
local users.
|
||||||
|
.It Dv ALIAS
|
||||||
|
Allows a user to modify room aliases created by other users. By default, users
|
||||||
|
can only manage their own room aliases, but an administrator may wish to take
|
||||||
|
over an alias or remove an offensive alias.
|
||||||
.It Dv PROC_CONTROL
|
.It Dv PROC_CONTROL
|
||||||
Allows a user to get statistics on the running process, as well as shutdown and
|
Allows a user to get statistics on the running process, as well as shutdown and
|
||||||
restart the Telodendria daemon itself. Typically this will pair well with
|
restart the Telodendria daemon itself. Typically this will pair well with
|
||||||
|
|
|
@ -135,7 +135,7 @@ ROUTE_IMPL(RouteAliasDirectory, path, argp)
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!StrEquals(UserGetName(user), JsonValueAsString(JsonGet(aliases, 3, "alias", alias, "createdBy"))))
|
if (!(UserGetPrivileges(user) & USER_ALIAS) && !StrEquals(UserGetName(user), JsonValueAsString(JsonGet(aliases, 3, "alias", alias, "createdBy"))))
|
||||||
{
|
{
|
||||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||||
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);
|
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);
|
||||||
|
|
|
@ -802,6 +802,10 @@ UserDecodePrivilege(const char *p)
|
||||||
{
|
{
|
||||||
return USER_PROC_CONTROL;
|
return USER_PROC_CONTROL;
|
||||||
}
|
}
|
||||||
|
else if (StrEquals(p, "ALIAS"))
|
||||||
|
{
|
||||||
|
return USER_ALIAS;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
return USER_NONE;
|
return USER_NONE;
|
||||||
|
@ -835,6 +839,7 @@ UserEncodePrivileges(int privileges)
|
||||||
A(USER_CONFIG, "CONFIG");
|
A(USER_CONFIG, "CONFIG");
|
||||||
A(USER_GRANT_PRIVILEGES, "GRANT_PRIVILEGES");
|
A(USER_GRANT_PRIVILEGES, "GRANT_PRIVILEGES");
|
||||||
A(USER_PROC_CONTROL, "PROC_CONTROL");
|
A(USER_PROC_CONTROL, "PROC_CONTROL");
|
||||||
|
A(USER_ALIAS, "ALIAS");
|
||||||
|
|
||||||
#undef A
|
#undef A
|
||||||
|
|
||||||
|
|
|
@ -61,7 +61,8 @@ typedef enum UserPrivileges
|
||||||
USER_CONFIG = (1 << 2),
|
USER_CONFIG = (1 << 2),
|
||||||
USER_GRANT_PRIVILEGES = (1 << 3),
|
USER_GRANT_PRIVILEGES = (1 << 3),
|
||||||
USER_PROC_CONTROL = (1 << 4),
|
USER_PROC_CONTROL = (1 << 4),
|
||||||
USER_ALL = ((1 << 5) - 1)
|
USER_ALIAS = (1 << 5),
|
||||||
|
USER_ALL = ((1 << 6) - 1)
|
||||||
} UserPrivileges;
|
} UserPrivileges;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in a new issue