Do not allow normal admins to impersonate superadmins

Johannes Zellner
2022-02-26 14:09:36 +01:00
parent bbcb596ffa
commit be40cea600
2 changed files with 15 additions and 1 deletions


@@ -3,6 +3,7 @@
/* global angular */
/* global Clipboard */
/* global async */
/* global ROLES */
/* global $ */
angular.module('Application').controller('UsersController', ['$scope', '$location', '$translate', '$timeout', 'Client', function ($scope, $location, $translate, $timeout, Client) {
@@ -71,6 +72,19 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
return (roleInt1 - roleInt2) >= 0;
};
$scope.canImpersonate = function (user) {
// only admins can impersonate
if (!$scope.userInfo.isAtLeastAdmin) return false;
// only users with username can be impersonated
if (!user.username) return false;
// normal admins cannot impersonate owners
if (!$scope.userInfo.isAtLeastOwner && [ ROLES.OWNER ].indexOf(user.role) !== -1) return false;
return true;
};
$scope.transferOwnership = {
busy: false,
error: null,
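Review bot: The owner guard in `canImpersonate` is a one-entry denylist, `[ ROLES.OWNER ].indexOf(user.role) !== -1`, so it fails open: any role later ranked above admin would be impersonable by a normal admin unless this line is updated too. At minimum it reads more clearly as `if (!$scope.userInfo.isAtLeastOwner && user.role === ROLES.OWNER) return false;`. A rank comparison using the role-ordering helper whose tail (`return (roleInt1 - roleInt2) >= 0;`) appears at the top of this hunk would deny any target that outranks the actor; that helper's name and signature are outside the hunk. This function only decides whether the UI offers the action, so the same rule has to be enforced by the server-side impersonation handler. The commit lists two changed files and the second is not shown here, so that is presumably covered but should be confirmed. I would also add a comment above the function such as `// UI gate only; the backend must reject impersonation of a higher-ranked user`.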