Merge branch 'revert-d0b17c8d' into 'dev'

Fix bug - non-super users could not create servers

See merge request crafty-controller/crafty-commander!245
Andrew 2022-04-10 23:05:25 +00:00
commit 647cf57d2e
2 changed files with 77 additions and 74 deletions


@ -76,31 +76,31 @@ class Users_Controller:
logger.debug(f"user: {user_data} +role:{added_roles} -role:{removed_roles}") logger.debug(f"user: {user_data} +role:{added_roles} -role:{removed_roles}")
for role in added_roles: for role in added_roles:
users_helper.get_or_create(user_id=user_id, role_id=role) users_helper.get_or_create(user_id=user_id, role_id=role)
permissions_mask = user_crafty_data.get("permissions_mask", "000") permissions_mask = user_crafty_data.get("permissions_mask", "000")
if "server_quantity" in user_crafty_data: if "server_quantity" in user_crafty_data:
limit_server_creation = user_crafty_data["server_quantity"][ limit_server_creation = user_crafty_data["server_quantity"][
Enum_Permissions_Crafty.Server_Creation.name Enum_Permissions_Crafty.Server_Creation.name
] ]
limit_user_creation = user_crafty_data["server_quantity"][ limit_user_creation = user_crafty_data["server_quantity"][
Enum_Permissions_Crafty.User_Config.name Enum_Permissions_Crafty.User_Config.name
] ]
limit_role_creation = user_crafty_data["server_quantity"][ limit_role_creation = user_crafty_data["server_quantity"][
Enum_Permissions_Crafty.Roles_Config.name Enum_Permissions_Crafty.Roles_Config.name
] ]
else: else:
limit_server_creation = 0 limit_server_creation = 0
limit_user_creation = 0 limit_user_creation = 0
limit_role_creation = 0 limit_role_creation = 0
crafty_permissions.add_or_update_user( crafty_permissions.add_or_update_user(
user_id, user_id,
permissions_mask, permissions_mask,
limit_server_creation, limit_server_creation,
limit_user_creation, limit_user_creation,
limit_role_creation, limit_role_creation,
) )
users_helper.delete_user_roles(user_id, removed_roles) users_helper.delete_user_roles(user_id, removed_roles)
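Review bot: The `logger.debug(f"user: {user_data} ...")` line at the top of this hunk writes the whole `user_data` dict to the log, and the PanelHandler section of this same commit builds that dict with `"password": password0`, so the submitted password appears to reach the debug log in clear text unless the key is stripped earlier in the function, which starts outside this hunk. Logging the field names rather than the values avoids that, for example `logger.debug(f"user: {user_id} fields:{sorted(user_data)} +role:{added_roles} -role:{removed_roles}")`, assuming `user_data` is a dict at this point. Separately, the three `user_crafty_data["server_quantity"][...]` lookups index without a default, so a `server_quantity` dict that lacks one of the permission names would raise `KeyError` after the role rows have already been created. Using `.get(Enum_Permissions_Crafty.Server_Creation.name, 0)` and the same for the other two would match the defaults of the `else` branch.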


@ -1758,70 +1758,73 @@ class PanelHandler(BaseHandler):
superuser = True superuser = True
else: else:
superuser = False superuser = False
if not exec_user["superuser"]:
if (
Enum_Permissions_Crafty.User_Config
not in exec_user_crafty_permissions
):
if str(user_id) != str(exec_user["user_id"]):
self.redirect(
"/panel/error?error=Unauthorized access: not a user editor"
)
return
if Enum_Permissions_Crafty.User_Config not in exec_user_crafty_permissions: user_data = {
if str(user_id) != str(exec_user["user_id"]): "username": username,
self.redirect( "password": password0,
"/panel/error?error=Unauthorized access: not a user editor" "email": email,
"lang": lang,
"hints": hints,
}
self.controller.users.update_user(user_id, user_data=user_data)
self.controller.management.add_to_audit_log(
exec_user["user_id"],
f"Edited user {username} (UID:{user_id}) password",
server_id=0,
source_ip=self.get_remote_ip(),
) )
self.redirect("/panel/panel_config")
return return
elif username is None or username == "":
self.redirect("/panel/error?error=Invalid username")
return
elif user_id is None:
self.redirect("/panel/error?error=Invalid User ID")
return
else:
# does this user id exist?
if not self.controller.users.user_id_exists(user_id):
self.redirect("/panel/error?error=Invalid User ID")
return
else:
if password0 != password1:
self.redirect("/panel/error?error=Passwords must match")
return
roles = self.get_user_role_memberships()
permissions_mask, server_quantity = self.get_perms_quantity()
# if email is None or "":
# email = "default@example.com"
user_data = { user_data = {
"username": username, "username": username,
"password": password0, "password": password0,
"email": email, "email": email,
"enabled": enabled,
"roles": roles,
"lang": lang, "lang": lang,
"superuser": superuser,
"hints": hints, "hints": hints,
} }
self.controller.users.update_user(user_id, user_data=user_data) user_crafty_data = {
"permissions_mask": permissions_mask,
self.controller.management.add_to_audit_log( "server_quantity": server_quantity,
exec_user["user_id"], }
f"Edited user {username} (UID:{user_id}) password", self.controller.users.update_user(
server_id=0, user_id, user_data=user_data, user_crafty_data=user_crafty_data
source_ip=self.get_remote_ip(),
) )
self.redirect("/panel/panel_config")
return
elif username is None or username == "":
self.redirect("/panel/error?error=Invalid username")
return
elif user_id is None:
self.redirect("/panel/error?error=Invalid User ID")
return
else:
# does this user id exist?
if not self.controller.users.user_id_exists(user_id):
self.redirect("/panel/error?error=Invalid User ID")
return
if password0 != password1:
self.redirect("/panel/error?error=Passwords must match")
return
roles = self.get_user_role_memberships()
permissions_mask, server_quantity = self.get_perms_quantity()
# if email is None or "":
# email = "default@example.com"
user_data = {
"username": username,
"password": password0,
"email": email,
"enabled": enabled,
"roles": roles,
"lang": lang,
"superuser": superuser,
"hints": hints,
}
user_crafty_data = {
"permissions_mask": permissions_mask,
"server_quantity": server_quantity,
}
self.controller.users.update_user(
user_id, user_data=user_data, user_crafty_data=user_crafty_data
)
self.controller.management.add_to_audit_log( self.controller.management.add_to_audit_log(
exec_user["user_id"], exec_user["user_id"],