parra/ntfy
parra/ntfy
1
0
Fork 0
mirror of https://github.com/binwiederhier/ntfy.git synced 2025-05-30 10:25:40 +02:00
Code Releases Activity

Not really an improvemenNot really an improvementt

Browse source
This commit is contained in:
binwiederhier 2022-12-31 09:31:46 -05:00
parent bd86e3d951
commit 3d921f4570
6 changed files with 107 additions and 53 deletions

5
server/server_account.go
View file

@ -316,10 +316,13 @@ func (s *Server) handleAccountAccessAdd(w http.ResponseWriter, r *http.Request,
if !topicRegex.MatchString(req.Topic) {
return errHTTPBadRequestTopicInvalid
}
// FIXME authorize: how do I know if v.user (= auth'd user) is allowed to write the ACL entries
everyoneRead := util.Contains([]string{"read-write", "rw", "read-only", "read", "ro"}, req.Everyone)
everyoneWrite := util.Contains([]string{"read-write", "rw", "write-only", "write", "wo"}, req.Everyone)
if err := s.userManager.AllowAccess(v.user.Name, req.Topic, true, true); err != nil {
return err
}
if err := s.userManager.AllowAccess(user.Everyone, req.Topic, false, false); err != nil {
if err := s.userManager.AllowAccess(user.Everyone, req.Topic, everyoneRead, everyoneWrite); err != nil {
return err
}
w.Header().Set("Content-Type", "application/json")