diff --git a/app/classes/models/crafty_permissions.py b/app/classes/models/crafty_permissions.py
index 7430f332..e7a159d9 100644
--- a/app/classes/models/crafty_permissions.py
+++ b/app/classes/models/crafty_permissions.py
@@ -187,7 +187,7 @@ class PermissionsCrafty:
@staticmethod
def get_api_key_permissions_list(key: ApiKeys):
user = HelperUsers.get_user(key.user_id)
- if user["superuser"] and key.superuser:
+ if user["superuser"] and key.full_access:
return PermissionsCrafty.get_permissions_list()
if user["superuser"]:
# User is superuser but API key isn't
diff --git a/app/classes/models/server_permissions.py b/app/classes/models/server_permissions.py
index 56f9d8ac..12301e30 100644
--- a/app/classes/models/server_permissions.py
+++ b/app/classes/models/server_permissions.py
@@ -264,7 +264,7 @@ class PermissionsServers:
@staticmethod
def get_api_key_permissions_list(key: ApiKeys, server_id: str):
user = HelperUsers.get_user(key.user_id)
- if user["superuser"] and key.superuser:
+ if user["superuser"] and key.full_access:
return PermissionsServers.get_permissions_list()
roles_list = HelperUsers.get_user_roles_id(user["user_id"])
role_server = (
diff --git a/app/classes/models/users.py b/app/classes/models/users.py
index e44d06fb..3f96e651 100644
--- a/app/classes/models/users.py
+++ b/app/classes/models/users.py
@@ -71,7 +71,7 @@ class ApiKeys(BaseModel):
user_id = ForeignKeyField(Users, backref="api_token", index=True)
server_permissions = CharField(default="00000000")
crafty_permissions = CharField(default="000")
- superuser = BooleanField(default=False)
+ full_access = BooleanField(default=False)
class Meta:
table_name = "api_keys"
@@ -408,7 +408,7 @@ class HelperUsers:
def add_user_api_key(
name: str,
user_id: str,
- superuser: bool = False,
+ full_access: bool = False,
server_permissions_mask: t.Optional[str] = None,
crafty_permissions_mask: t.Optional[str] = None,
):
@@ -426,7 +426,7 @@ class HelperUsers:
if crafty_permissions_mask is not None
else {}
),
- ApiKeys.superuser: superuser,
+ ApiKeys.full_access: full_access,
}
).execute()
diff --git a/app/classes/web/base_handler.py b/app/classes/web/base_handler.py
index ced6cb97..6967ebe2 100644
--- a/app/classes/web/base_handler.py
+++ b/app/classes/web/base_handler.py
@@ -191,7 +191,7 @@ class BaseHandler(tornado.web.RequestHandler):
superuser = user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
exec_user_role = set()
if superuser:
diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py
index d61e3c0e..0fe7c8ae 100644
--- a/app/classes/web/panel_handler.py
+++ b/app/classes/web/panel_handler.py
@@ -168,7 +168,7 @@ class PanelHandler(BaseHandler):
# Commented out because there is no server access control for API keys,
# they just inherit from the host user
# if api_key is not None:
- # superuser = superuser and api_key.superuser
+ # superuser = superuser and api_key.full_access
if server_id is None:
self.redirect("/panel/error?error=Invalid Server ID")
@@ -242,7 +242,7 @@ class PanelHandler(BaseHandler):
api_key, _token_data, exec_user = self.current_user
superuser = exec_user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
if superuser: # TODO: Figure out a better solution
defined_servers = self.controller.servers.list_defined_servers()
@@ -351,7 +351,7 @@ class PanelHandler(BaseHandler):
"created": api_key.created,
"server_permissions": api_key.server_permissions,
"crafty_permissions": api_key.crafty_permissions,
- "superuser": api_key.superuser,
+ "full_access": api_key.full_access,
}
if api_key is not None
else None
diff --git a/app/classes/web/routes/api/users/user/api.py b/app/classes/web/routes/api/users/user/api.py
index 1c7635f2..960cfe32 100644
--- a/app/classes/web/routes/api/users/user/api.py
+++ b/app/classes/web/routes/api/users/user/api.py
@@ -75,7 +75,7 @@ class ApiUsersUserKeyHandler(BaseApiHandler):
"name": key.name,
"server_permissions": key.server_permissions,
"crafty_permissions": key.crafty_permissions,
- "superuser": key.superuser,
+ "full_access": key.full_access,
}
)
self.finish_json(
@@ -99,7 +99,7 @@ class ApiUsersUserKeyHandler(BaseApiHandler):
"type": "string",
"pattern": "^[01]{3}$", # 8 bits, see EnumPermissionsCrafty
},
- "superuser": {"type": "boolean"},
+ "full_access": {"type": "boolean"},
},
"additionalProperties": False,
"minProperties": 1,
@@ -163,7 +163,7 @@ class ApiUsersUserKeyHandler(BaseApiHandler):
key_id = self.controller.users.add_user_api_key(
data["name"],
user_id,
- data["superuser"],
+ data["full_access"],
data["server_permissions_mask"],
data["crafty_permissions_mask"],
)
diff --git a/app/classes/web/server_handler.py b/app/classes/web/server_handler.py
index 545029aa..085d8626 100644
--- a/app/classes/web/server_handler.py
+++ b/app/classes/web/server_handler.py
@@ -30,7 +30,7 @@ class ServerHandler(BaseHandler):
) = self.current_user
superuser = exec_user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
if superuser:
defined_servers = self.controller.servers.list_defined_servers()
@@ -124,7 +124,7 @@ class ServerHandler(BaseHandler):
"created": api_key.created,
"server_permissions": api_key.server_permissions,
"crafty_permissions": api_key.crafty_permissions,
- "superuser": api_key.superuser,
+ "full_access": api_key.full_access,
}
if api_key is not None
else None
diff --git a/app/classes/web/upload_handler.py b/app/classes/web/upload_handler.py
index 0667dd12..747fa63b 100644
--- a/app/classes/web/upload_handler.py
+++ b/app/classes/web/upload_handler.py
@@ -42,7 +42,7 @@ class UploadHandler(BaseHandler):
if self.upload_type == "server_import":
superuser = exec_user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
user_id = exec_user["user_id"]
stream_size_value = self.helper.get_setting("stream_size_GB")
@@ -133,7 +133,7 @@ class UploadHandler(BaseHandler):
elif self.upload_type == "background":
superuser = exec_user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
user_id = exec_user["user_id"]
stream_size_value = self.helper.get_setting("stream_size_GB")
@@ -212,7 +212,7 @@ class UploadHandler(BaseHandler):
server_id = self.get_argument("server_id", None)
superuser = exec_user["superuser"]
if api_key is not None:
- superuser = superuser and api_key.superuser
+ superuser = superuser and api_key.full_access
user_id = exec_user["user_id"]
stream_size_value = self.helper.get_setting("stream_size_GB")
diff --git a/app/frontend/templates/panel/panel_edit_user_apikeys.html b/app/frontend/templates/panel/panel_edit_user_apikeys.html
index 084db0c3..772a07b7 100644
--- a/app/frontend/templates/panel/panel_edit_user_apikeys.html
+++ b/app/frontend/templates/panel/panel_edit_user_apikeys.html
@@ -70,7 +70,7 @@
| {{ apikey.name }} |
{{ apikey.created.strftime('%d/%m/%Y %H:%M:%S') }} |
- {% if apikey.superuser %}
+ {% if apikey.full_access %}
{{
translate('apiKeys', 'yes', data['lang']) }}
@@ -158,8 +158,8 @@
-
-
+
+
@@ -240,7 +240,7 @@
"name": formDataObject.name,
"server_permissions_mask": server_permissions,
"crafty_permissions_mask": crafty_permissions,
- "superuser": $("#superuser").prop('checked'),
+ "full_access": $("#full_access").prop('checked'),
});
console.log(formDataJsonString);
diff --git a/app/migrations/20240317_apikey_full_access.py b/app/migrations/20240317_apikey_full_access.py
new file mode 100644
index 00000000..6ae223e1
--- /dev/null
+++ b/app/migrations/20240317_apikey_full_access.py
@@ -0,0 +1,17 @@
+# Generated by database migrator
+import peewee
+
+
+def migrate(migrator, database, **kwargs):
+ migrator.rename_column("api_keys", "superuser", "full_access")
+
+ """
+ Write your migrations here.
+ """
+
+
+def rollback(migrator, database, **kwargs):
+ migrator.rename_column("api_keys", "full_access", "superuser")
+ """
+ Write your rollback migrations here.
+ """
|