feat: list access tokens by admin (#2434)

* Allow admin user list access_tokens of anyone * fix undefined variable * Update api/v2/user_service.go --------- Co-authored-by: boojack <stevenlgtm@gmail.com>
2024-12-18 16:41:44 +03:00 · 2023-10-24 18:51:01 +08:00 · 2023-10-24 18:51:01 +08:00 · 496cde87b2
commit 496cde87b2
parent 79bbe4b82a
1 changed files with 6 additions and 1 deletions
--- a/api/v2/user_service.go
+++ b/api/v2/user_service.go
@ -156,7 +156,12 @@ func (s *UserService) ListUserAccessTokens(ctx context.Context, request *apiv2pb
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed to get current user: %v", err)
 	}
-	if user == nil || user.Username != request.Username {
+	if user == nil {
+		return nil, status.Errorf(codes.PermissionDenied, "permission denied")
+	}
+
+	// Normal users can only list their access tokens.
+	if user.Role == store.RoleUser && user.Username != request.Username {
 		return nil, status.Errorf(codes.PermissionDenied, "permission denied")
 	}