Starship/CoreID
1
0
Fork 0
Code Issues 8 Pull Requests Releases 34 Wiki Activity

Groups - allow flagging group as su equivalent
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Garrett Mills 2021-03-10 20:06:43 -06:00
parent 91fc8a65a2
commit ef819b0a2e
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
4 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/app/cobalt/Form.component.js
View File

@ -42,7 +42,7 @@ const template = `
<option <option
v-for="option of field.options" v-for="option of field.options"
:value="option.value" :value="option.value"
:selected="data[field.field] && data[field.field].includes(option.value)" :selected="data[field.field] && (data[field.field] === option.value || (Array.isArray(data[field.field]) && data[field.field].includes(option.value)))"
>{{ typeof option.display === 'function' ? option.display(option) : option.display }}</option> >{{ typeof option.display === 'function' ? option.display(option) : option.display }}</option>
</select> </select>
<small class="form-text" style="color: darkred;" v-if="field.error">{{ field.error }}</small> <small class="form-text" style="color: darkred;" v-if="field.error">{{ field.error }}</small>

9
app/assets/app/resource/auth/Group.resource.js
View File

@ -62,6 +62,15 @@ class GroupResource extends CRUDBase {
required: true, required: true,
type: 'text', type: 'text',
}, },
{
name: 'Superuser equivalent?',
field: 'grants_sudo',
type: 'select',
options: [
{display: 'Yes', value: true},
{display: 'No', value: false},
],
},
{ {
name: 'Users', name: 'Users',
field: 'user_ids', field: 'user_ids',

29
app/controllers/api/v1/Auth.controller.js
View File

@ -239,7 +239,10 @@ class AuthController extends Controller {
.message(req.T('api.group_already_exists')) .message(req.T('api.group_already_exists'))
.api() .api()
const group = new Group({ name: req.body.name }) const group = new Group({
name: req.body.name,
grants_sudo: !!req.body.grants_sudo,
})
// Validate user ids // Validate user ids
const User = this.models.get('auth:User') const User = this.models.get('auth:User')
@ -257,6 +260,17 @@ class AuthController extends Controller {
group.user_ids = user_ids group.user_ids = user_ids
} }
if ( group.grants_sudo ) {
const Setting = this.models.get('Setting')
let last_uid = await Setting.get('ldap.last_alloc_uid')
if ( last_uid < 1 ) {
last_uid = this.configs.get('ldap:server.schema.start_uid')
}
group.posix_group_id = last_uid + 1
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
}
await group.save() await group.save()
return res.api(await group.to_api()) return res.api(await group.to_api())
} }
@ -365,6 +379,19 @@ class AuthController extends Controller {
} }
group.name = req.body.name group.name = req.body.name
group.grants_sudo = !!req.body.grants_sudo
if ( group.grants_sudo && !group.posix_group_id ) {
const Setting = this.models.get('Setting')
let last_uid = await Setting.get('ldap.last_alloc_uid')
if ( last_uid < 1 ) {
last_uid = this.configs.get('ldap:server.schema.start_uid')
}
group.posix_group_id = last_uid + 1
await Setting.set('ldap.last_alloc_uid', group.posix_group_id)
}
await group.save() await group.save()
return res.api() return res.api()
} }

2
app/models/auth/Group.model.js
View File

@ -13,6 +13,7 @@ class GroupModel extends Model {
user_ids: [String], user_ids: [String],
posix_user_id: String, posix_user_id: String,
posix_group_id: Number, posix_group_id: Number,
grants_sudo: { type: Boolean, default: false },
active: { type: Boolean, default: true }, active: { type: Boolean, default: true },
ldap_visible: { type: Boolean, default: true }, ldap_visible: { type: Boolean, default: true },
} }
@ -84,6 +85,7 @@ class GroupModel extends Model {
name: this.name, name: this.name,
user_ids: this.user_ids, user_ids: this.user_ids,
ldap_visible: this.ldap_visible, ldap_visible: this.ldap_visible,
grants_sudo: !!this.grants_sudo,
} }
} }
} }