Show access secret if isAdminOrSelf is true in get-user and get-account APIs

2025-07-03 04:10:20 +08:00 · 2023-07-19 19:14:53 +08:00
parent 5c441d195c
commit 38f031bc86
5 changed files with 26 additions and 7 deletions
--- a/controllers/base.go
+++ b/controllers/base.go
@ -55,6 +55,18 @@ func (c *ApiController) IsAdmin() bool {
 	return isGlobalAdmin || user.IsAdmin
 }

+func (c *ApiController) IsAdminOrSelf(user2 *object.User) bool {
+	isGlobalAdmin, user := c.isGlobalAdmin()
+	if isGlobalAdmin || (user != nil && user.IsAdmin) {
+		return true
+	}
+
+	if user.Owner == user2.Owner && user.Name == user2.Name {
+		return true
+	}
+	return false
+}
+
 func (c *ApiController) isGlobalAdmin() (bool, *object.User) {
 	username := c.GetSessionUsername()
 	if strings.HasPrefix(username, "app/") {