mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2024-08-30 18:23:09 +00:00
Add permissions checks for quantity for users/role
Remove the ability to add quantities for general users.
This commit is contained in:
amcmanu3
parent
e3248e8657
commit
12390306fd
@ -35,20 +35,18 @@ class CraftyPermsController:
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def can_add_user(): # Add back argument 'user_id' when you work on this
|
||||
return True
|
||||
def can_add_user(user_id): # Add back argument 'user_id' when you work on this
|
||||
# TODO: Complete if we need a User Addition limit
|
||||
# return crafty_permissions.can_add_in_crafty(
|
||||
# user_id, Enum_Permissions_Crafty.User_Config
|
||||
# )
|
||||
return PermissionsCrafty.can_add_in_crafty(
|
||||
user_id, EnumPermissionsCrafty.USER_CONFIG
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def can_add_role(): # Add back argument 'user_id' when you work on this
|
||||
return True
|
||||
def can_add_role(user_id): # Add back argument 'user_id' when you work on this
|
||||
# TODO: Complete if we need a Role Addition limit
|
||||
# return crafty_permissions.can_add_in_crafty(
|
||||
# user_id, Enum_Permissions_Crafty.Roles_Config
|
||||
# )
|
||||
return PermissionsCrafty.can_add_in_crafty(
|
||||
user_id, EnumPermissionsCrafty.ROLES_CONFIG
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def list_all_crafty_permissions_quantity_limits():
|
||||
@ -68,6 +66,14 @@ class CraftyPermsController:
|
||||
def add_server_creation(user_id):
|
||||
return PermissionsCrafty.add_server_creation(user_id)
|
||||
|
||||
@staticmethod
|
||||
def add_user_creation(user_id):
|
||||
return PermissionsCrafty.add_user_creation(user_id)
|
||||
|
||||
@staticmethod
|
||||
def add_role_creation(user_id):
|
||||
return PermissionsCrafty.add_role_creation(user_id)
|
||||
|
||||
@staticmethod
|
||||
def get_api_key_permissions_list(key: ApiKeys):
|
||||
return PermissionsCrafty.get_api_key_permissions_list(key)
|
||||
|
||||
@ -193,6 +193,20 @@ class PermissionsCrafty:
|
||||
UserCrafty.save(user_crafty)
|
||||
return user_crafty.created_server
|
||||
|
||||
@staticmethod
|
||||
def add_user_creation(user_id):
|
||||
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
|
||||
user_crafty.created_user += 1
|
||||
UserCrafty.save(user_crafty)
|
||||
return user_crafty.created_user
|
||||
|
||||
@staticmethod
|
||||
def add_role_creation(user_id):
|
||||
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
|
||||
user_crafty.created_role += 1
|
||||
UserCrafty.save(user_crafty)
|
||||
return user_crafty.created_role
|
||||
|
||||
@staticmethod
|
||||
def get_api_key_permissions_list(key: ApiKeys):
|
||||
user = HelperUsers.get_user(key.user_id)
|
||||
|
||||
@ -768,6 +768,7 @@ class PanelHandler(BaseHandler):
|
||||
page_data["user"]["last_update"] = "N/A"
|
||||
page_data["user"]["roles"] = set()
|
||||
page_data["user"]["hints"] = True
|
||||
page_data["superuser"] = superuser
|
||||
|
||||
if EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:
|
||||
self.redirect(
|
||||
@ -955,6 +956,7 @@ class PanelHandler(BaseHandler):
|
||||
page_data["role-servers"] = page_role_servers
|
||||
page_data["roles_all"] = self.controller.roles.get_all_roles()
|
||||
page_data["servers_all"] = self.controller.list_defined_servers()
|
||||
page_data["superuser"] = superuser
|
||||
page_data[
|
||||
"permissions_all"
|
||||
] = self.controller.crafty_perms.list_defined_crafty_permissions()
|
||||
@ -1927,6 +1929,12 @@ class PanelHandler(BaseHandler):
|
||||
"/panel/error?error=Unauthorized access: not a user editor"
|
||||
)
|
||||
return
|
||||
|
||||
if not self.controller.crafty_perms.can_add_user(exec_user["user_id"]):
|
||||
self.redirect(
|
||||
"/panel/error?error=Unauthorized access: quantity limit reached"
|
||||
)
|
||||
return
|
||||
elif username is None or username == "":
|
||||
self.redirect("/panel/error?error=Invalid username")
|
||||
return
|
||||
@ -1971,6 +1979,7 @@ class PanelHandler(BaseHandler):
|
||||
server_id=0,
|
||||
source_ip=self.get_remote_ip(),
|
||||
)
|
||||
self.controller.crafty_perms.add_user_creation(exec_user["user_id"])
|
||||
self.redirect("/panel/panel_config")
|
||||
|
||||
elif page == "edit_role":
|
||||
@ -2018,6 +2027,11 @@ class PanelHandler(BaseHandler):
|
||||
"/panel/error?error=Unauthorized access: not a role editor"
|
||||
)
|
||||
return
|
||||
elif not self.controller.crafty_perms.can_add_role(exec_user["user_id"]):
|
||||
self.redirect(
|
||||
"/panel/error?error=Unauthorized access: quantity limit reached"
|
||||
)
|
||||
return
|
||||
elif role_name is None or role_name == "":
|
||||
self.redirect("/panel/error?error=Invalid role name")
|
||||
return
|
||||
@ -2047,6 +2061,7 @@ class PanelHandler(BaseHandler):
|
||||
server_id=0,
|
||||
source_ip=self.get_remote_ip(),
|
||||
)
|
||||
self.controller.crafty_perms.add_role_creation(exec_user["user_id"])
|
||||
self.redirect("/panel/panel_config")
|
||||
|
||||
else:
|
||||
|
||||
@ -158,13 +158,14 @@
|
||||
</div>
|
||||
|
||||
<!-- Put Permissions Crafty part here -->
|
||||
|
||||
{% if data['superuser'] %}
|
||||
<div class="card">
|
||||
<div class="card-header header-sm d-flex justify-content-between align-items-center">
|
||||
<h4 class="card-title"><i class="fas fa-user-lock"></i> {{ translate('userConfig', 'craftyPerms',
|
||||
data['lang']) }} <small class="text-muted ml-1"> - {{ translate('userConfig', 'craftyPermDesc',
|
||||
data['lang']) }}</small></h4>
|
||||
</div>
|
||||
|
||||
<div class="card-body">
|
||||
<div class="form-group">
|
||||
<div class="table-responsive">
|
||||
@ -200,7 +201,7 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% end %}
|
||||
<div class="form-check-flat">
|
||||
<label for="enabled" class="form-check-label ml-4 mb-4">
|
||||
{% if data['user']['enabled'] %}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user