Net 1227 v1 (#3062)

* generalise smtp config * copy over smtp vars * env new line * fix master key api access * comment user tests * fix network and user invite for master key access
gravitl · Aug 22, 2024 · fe57a6a · fe57a6a
1 parent d415216
commit fe57a6a
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 23 deletions.
diff --git a/controllers/network.go b/controllers/network.go
@@ -58,13 +58,16 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}
-	username := r.Header.Get("user")
-	user, err := logic.GetUser(username)
-	if err != nil {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
-		return
+	if r.Header.Get("ismaster") != "yes" {
+		username := r.Header.Get("user")
+		user, err := logic.GetUser(username)
+		if err != nil {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
+			return
+		}
+		allnetworks = logic.FilterNetworksByRole(allnetworks, *user)
 	}
-	allnetworks = logic.FilterNetworksByRole(allnetworks, *user)
+
 	logger.Log(2, r.Header.Get("user"), "fetched networks.")
 	logic.SortNetworks(allnetworks[:])
 	w.WriteHeader(http.StatusOK)

diff --git a/pro/controllers/users.go b/pro/controllers/users.go
@@ -165,24 +165,27 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	callerUserName := r.Header.Get("user")
-	caller, err := logic.GetUser(callerUserName)
-	if err != nil {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "notfound"))
-		return
-	}
-	if inviteReq.PlatformRoleID == models.SuperAdminRole.String() {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("super admin cannot be invited"), "badrequest"))
-		return
-	}
-	if inviteReq.PlatformRoleID == "" {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("platform role id cannot be empty"), "badrequest"))
-		return
-	}
-	if (inviteReq.PlatformRoleID == models.AdminRole.String() ||
-		inviteReq.PlatformRoleID == models.SuperAdminRole.String()) && caller.PlatformRoleID != models.SuperAdminRole {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("only superadmin can invite admin users"), "forbidden"))
-		return
+	if r.Header.Get("ismaster") != "yes" {
+		caller, err := logic.GetUser(callerUserName)
+		if err != nil {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "notfound"))
+			return
+		}
+		if inviteReq.PlatformRoleID == models.SuperAdminRole.String() {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("super admin cannot be invited"), "badrequest"))
+			return
+		}
+		if inviteReq.PlatformRoleID == "" {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("platform role id cannot be empty"), "badrequest"))
+			return
+		}
+		if (inviteReq.PlatformRoleID == models.AdminRole.String() ||
+			inviteReq.PlatformRoleID == models.SuperAdminRole.String()) && caller.PlatformRoleID != models.SuperAdminRole {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("only superadmin can invite admin users"), "forbidden"))
+			return
+		}
 	}
+
 	//validate Req
 	err = proLogic.IsGroupsValid(inviteReq.UserGroups)
 	if err != nil {