mirror of https://github.com/Xhofe/alist
feat(user): Enhanced role assignment logic (#9297)
- Imported the `utils` package - Modified the role assignment logic to prevent assigning administrator or guest roles to userspull/9299/head
parent
3bf0af1e68
commit
84adba3acc
|
@ -1,9 +1,10 @@
|
|||
package handles
|
||||
|
||||
import (
|
||||
"github.com/alist-org/alist/v3/pkg/utils"
|
||||
"strconv"
|
||||
|
||||
"github.com/alist-org/alist/v3/pkg/utils"
|
||||
|
||||
"github.com/alist-org/alist/v3/internal/model"
|
||||
"github.com/alist-org/alist/v3/internal/op"
|
||||
"github.com/alist-org/alist/v3/server/common"
|
||||
|
@ -97,6 +98,14 @@ func UpdateUser(c *gin.Context) {
|
|||
return
|
||||
}
|
||||
}
|
||||
|
||||
if !utils.SliceEqual(user.Role, req.Role) {
|
||||
if req.IsAdmin() || req.IsGuest() {
|
||||
common.ErrorStrResp(c, "cannot assign admin or guest role to user", 400, true)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err := op.UpdateUser(&req); err != nil {
|
||||
common.ErrorResp(c, err, 500)
|
||||
} else {
|
||||
|
|
Loading…
Reference in New Issue