jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add user management scope

Browse Source 
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
This commit is contained in:
Girish Ramakrishnan
2018-06-25 15:54:24 -07:00
parent 7ab5d5e50d
commit f932f8b3d3
7 changed files with 31 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/users.js
View File

@@ -4,6 +4,7 @@ exports = module.exports = {
UsersError: UsersError,
removePrivateFields: removePrivateFields,
removeRestrictedFields: removeRestrictedFields,
list: list,
create: create,
@@ -129,10 +130,16 @@ function validatePassword(password) {
return null;
}
// remove all fields that should never be sent out via REST API
function removePrivateFields(user) {
return _.pick(user, 'id', 'username', 'email', 'fallbackEmail', 'displayName', 'groupIds', 'admin');
}
// remove all fields that Non-privileged users must not see
function removeRestrictedFields(user) {
return _.pick(user, 'id', 'username', 'email', 'displayName');
}
function create(username, password, email, displayName, options, auditSource, callback) {
assert(username === null || typeof username === 'string');
assert(password === null || typeof password === 'string');