Levitating/Telodendria
1
0
Fork 0
forked from Telodendria/Telodendria
Code Pull requests Activity

Add admin privilege to manage room aliases.

Browse source
This commit is contained in:
Jordan Bancino 2023-08-09 15:50:03 +00:00
parent 69d28f39d1
commit bc71a7ec01
5 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
TODO.txt
View file

@ -61,7 +61,7 @@ Milestone: v0.4.0
[ ] Finish RouteAliasDirectory [ ] Finish RouteAliasDirectory
[ ] Add "id" objects when putting aliases [ ] Add "id" objects when putting aliases
[ ] Delete from "id" when deleting alias [ ] Delete from "id" when deleting alias
[ ] Add alias admin privilege to allow admins to manage aliases [x] Add alias admin privilege to allow admins to manage aliases
Milestone: v0.5.0 Milestone: v0.5.0
----------------- -----------------

6
man/man7/telodendria-admin.7
View file

@ -1,4 +1,4 @@
.Dd $Mdocdate: April 20 2023 $ .Dd $Mdocdate: August 9 2023 $
.Dt TELODENDRIA-ADMIN 7 .Dt TELODENDRIA-ADMIN 7
.Os Telodendria Project .Os Telodendria Project
.Sh NAME .Sh NAME
@ -32,6 +32,10 @@ Allows a user to modify the Telodendria server daemon's configuration.
.It Dv GRANT_PRIVILEGES .It Dv GRANT_PRIVILEGES
Allows a user to modify his or her own privileges or the privileges of other Allows a user to modify his or her own privileges or the privileges of other
local users. local users.
.It Dv ALIAS
Allows a user to modify room aliases created by other users. By default, users
can only manage their own room aliases, but an administrator may wish to take
over an alias or remove an offensive alias.
.It Dv PROC_CONTROL .It Dv PROC_CONTROL
Allows a user to get statistics on the running process, as well as shutdown and Allows a user to get statistics on the running process, as well as shutdown and
restart the Telodendria daemon itself. Typically this will pair well with restart the Telodendria daemon itself. Typically this will pair well with

2
src/Routes/RouteAliasDirectory.c
View file

@ -135,7 +135,7 @@ ROUTE_IMPL(RouteAliasDirectory, path, argp)
goto finish; goto finish;
} }
if (!StrEquals(UserGetName(user), JsonValueAsString(JsonGet(aliases, 3, "alias", alias, "createdBy")))) if (!(UserGetPrivileges(user) & USER_ALIAS) && !StrEquals(UserGetName(user), JsonValueAsString(JsonGet(aliases, 3, "alias", alias, "createdBy"))))
{ {
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL); response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);

5
src/User.c
View file

@ -802,6 +802,10 @@ UserDecodePrivilege(const char *p)
{ {
return USER_PROC_CONTROL; return USER_PROC_CONTROL;
} }
else if (StrEquals(p, "ALIAS"))
{
return USER_ALIAS;
}
else else
{ {
return USER_NONE; return USER_NONE;
@ -835,6 +839,7 @@ UserEncodePrivileges(int privileges)
A(USER_CONFIG, "CONFIG"); A(USER_CONFIG, "CONFIG");
A(USER_GRANT_PRIVILEGES, "GRANT_PRIVILEGES"); A(USER_GRANT_PRIVILEGES, "GRANT_PRIVILEGES");
A(USER_PROC_CONTROL, "PROC_CONTROL"); A(USER_PROC_CONTROL, "PROC_CONTROL");
A(USER_ALIAS, "ALIAS");
#undef A #undef A

3
src/include/User.h
View file

@ -61,7 +61,8 @@ typedef enum UserPrivileges
USER_CONFIG = (1 << 2), USER_CONFIG = (1 << 2),
USER_GRANT_PRIVILEGES = (1 << 3), USER_GRANT_PRIVILEGES = (1 << 3),
USER_PROC_CONTROL = (1 << 4), USER_PROC_CONTROL = (1 << 4),
USER_ALL = ((1 << 5) - 1) USER_ALIAS = (1 << 5),
USER_ALL = ((1 << 6) - 1)
} UserPrivileges; } UserPrivileges;
/** /**