Groups - allow flagging group as su equivalent
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Garrett Mills 2021-03-10 20:06:43 -06:00
parent 91fc8a65a2
commit ef819b0a2e
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
4 changed files with 40 additions and 2 deletions

View File

@ -42,7 +42,7 @@ const template = `
<option
v-for="option of field.options"
:value="option.value"
:selected="data[field.field] && data[field.field].includes(option.value)"
:selected="data[field.field] && (data[field.field] === option.value || (Array.isArray(data[field.field]) && data[field.field].includes(option.value)))"
>{{ typeof option.display === 'function' ? option.display(option) : option.display }}</option>
</select>
<small class="form-text" style="color: darkred;" v-if="field.error">{{ field.error }}</small>

View File

@ -62,6 +62,15 @@ class GroupResource extends CRUDBase {
required: true,
type: 'text',
},
{
name: 'Superuser equivalent?',
field: 'grants_sudo',
type: 'select',
options: [
{display: 'Yes', value: true},
{display: 'No', value: false},
],
},
{
name: 'Users',
field: 'user_ids',

View File

@ -239,7 +239,10 @@ class AuthController extends Controller {
.message(req.T('api.group_already_exists'))
.api()
const group = new Group({ name: req.body.name })
const group = new Group({
name: req.body.name,
grants_sudo: !!req.body.grants_sudo,
})
// Validate user ids
const User = this.models.get('auth:User')
@ -257,6 +260,17 @@ class AuthController extends Controller {
group.user_ids = user_ids
}
if ( group.grants_sudo ) {
const Setting = this.models.get('Setting')
let last_uid = await Setting.get('ldap.last_alloc_uid')
if ( last_uid < 1 ) {
last_uid = this.configs.get('ldap:server.schema.start_uid')
}
group.posix_group_id = last_uid + 1
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
}
await group.save()
return res.api(await group.to_api())
}
@ -365,6 +379,19 @@ class AuthController extends Controller {
}
group.name = req.body.name
group.grants_sudo = !!req.body.grants_sudo
if ( group.grants_sudo && !group.posix_group_id ) {
const Setting = this.models.get('Setting')
let last_uid = await Setting.get('ldap.last_alloc_uid')
if ( last_uid < 1 ) {
last_uid = this.configs.get('ldap:server.schema.start_uid')
}
group.posix_group_id = last_uid + 1
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
}
await group.save()
return res.api()
}

View File

@ -13,6 +13,7 @@ class GroupModel extends Model {
user_ids: [String],
posix_user_id: String,
posix_group_id: Number,
grants_sudo: { type: Boolean, default: false },
active: { type: Boolean, default: true },
ldap_visible: { type: Boolean, default: true },
}
@ -84,6 +85,7 @@ class GroupModel extends Model {
name: this.name,
user_ids: this.user_ids,
ldap_visible: this.ldap_visible,
grants_sudo: !!this.grants_sudo,
}
}
}