mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-11-22 12:52:50 +03:00
Fixed device access control when using ManageAllDeviceGroups.
This commit is contained in:
parent
feb32745ed
commit
cae876fd43
@ -1411,7 +1411,15 @@ function CreateMeshCentralServer(config, args) {
|
||||
|
||||
// Setup users that can see all device groups
|
||||
obj.config.settings.managealldevicegroups = [];
|
||||
for (i in obj.config.domains) { if (Array.isArray(obj.config.domains[i].managealldevicegroups)) { for (var j in obj.config.domains[i].managealldevicegroups) { if (typeof obj.config.domains[i].managealldevicegroups[j] == 'string') { obj.config.settings.managealldevicegroups.push('user/' + i + '/' + obj.config.domains[i].managealldevicegroups[j]); } } } }
|
||||
for (i in obj.config.domains) {
|
||||
if (Array.isArray(obj.config.domains[i].managealldevicegroups)) {
|
||||
for (var j in obj.config.domains[i].managealldevicegroups) {
|
||||
if (typeof obj.config.domains[i].managealldevicegroups[j] == 'string') {
|
||||
obj.config.settings.managealldevicegroups.push('user/' + i + '/' + obj.config.domains[i].managealldevicegroups[j]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|
||||
};
|
||||
|
@ -4541,6 +4541,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
db.Get(nodeid, function (err, nodes) {
|
||||
if ((nodes == null) || (nodes.length != 1)) { func(null, 0, false); return; } // No such nodeid
|
||||
|
||||
// This is a super user that can see all device groups for a given domain
|
||||
if ((user.siteadmin == 0xFFFFFFFF) && (parent.config.settings.managealldevicegroups.indexOf(user._id) >= 0) && (nodes[0].domain == user.domain)) {
|
||||
func(nodes[0], 0xFFFFFFFF, true); return;
|
||||
}
|
||||
|
||||
// Check device link
|
||||
var rights = 0, visible = false, r = user.links[nodeid];
|
||||
if (r != null) {
|
||||
|
Loading…
Reference in New Issue
Block a user