|
|
|
@ -239,7 +239,10 @@ class AuthController extends Controller {
|
|
|
|
|
.message(req.T('api.group_already_exists'))
|
|
|
|
|
.api()
|
|
|
|
|
|
|
|
|
|
const group = new Group({ name: req.body.name })
|
|
|
|
|
const group = new Group({
|
|
|
|
|
name: req.body.name,
|
|
|
|
|
grants_sudo: !!req.body.grants_sudo,
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Validate user ids
|
|
|
|
|
const User = this.models.get('auth:User')
|
|
|
|
@ -257,6 +260,17 @@ class AuthController extends Controller {
|
|
|
|
|
group.user_ids = user_ids
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( group.grants_sudo ) {
|
|
|
|
|
const Setting = this.models.get('Setting')
|
|
|
|
|
let last_uid = await Setting.get('ldap.last_alloc_uid')
|
|
|
|
|
if ( last_uid < 1 ) {
|
|
|
|
|
last_uid = this.configs.get('ldap:server.schema.start_uid')
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
group.posix_group_id = last_uid + 1
|
|
|
|
|
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await group.save()
|
|
|
|
|
return res.api(await group.to_api())
|
|
|
|
|
}
|
|
|
|
@ -365,6 +379,19 @@ class AuthController extends Controller {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
group.name = req.body.name
|
|
|
|
|
group.grants_sudo = !!req.body.grants_sudo
|
|
|
|
|
|
|
|
|
|
if ( group.grants_sudo && !group.posix_group_id ) {
|
|
|
|
|
const Setting = this.models.get('Setting')
|
|
|
|
|
let last_uid = await Setting.get('ldap.last_alloc_uid')
|
|
|
|
|
if ( last_uid < 1 ) {
|
|
|
|
|
last_uid = this.configs.get('ldap:server.schema.start_uid')
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
group.posix_group_id = last_uid + 1
|
|
|
|
|
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await group.save()
|
|
|
|
|
return res.api()
|
|
|
|
|
}
|
|
|
|
|