llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 18:54:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add MasterPassword to organization.

Browse Source
This commit is contained in:
Gucheng Wang 2021-11-06 21:14:53 +08:00
parent 4d71725bf5
commit 467d709b8e
6 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
controllers/account.go
View File

@ -207,7 +207,7 @@ func (c *ApiController) GetAccount() {
return return
} }
organization := object.GetOrganizationByUser(user) organization := object.GetMaskedOrganization(object.GetOrganizationByUser(user))
c.ResponseOk(user, organization) c.ResponseOk(user, organization)
} }

6
controllers/organization.go
View File

@ -33,12 +33,12 @@ func (c *ApiController) GetOrganizations() {
limit := c.Input().Get("pageSize") limit := c.Input().Get("pageSize")
page := c.Input().Get("p") page := c.Input().Get("p")
if limit == "" || page == "" { if limit == "" || page == "" {
c.Data["json"] = object.GetOrganizations(owner) c.Data["json"] = object.GetMaskedOrganizations(object.GetOrganizations(owner))
c.ServeJSON() c.ServeJSON()
} else { } else {
limit := util.ParseInt(limit) limit := util.ParseInt(limit)
paginator := pagination.SetPaginator(c.Ctx, limit, int64(object.GetOrganizationCount(owner))) paginator := pagination.SetPaginator(c.Ctx, limit, int64(object.GetOrganizationCount(owner)))
organizations := object.GetPaginationOrganizations(owner, paginator.Offset(), limit) organizations := object.GetMaskedOrganizations(object.GetPaginationOrganizations(owner, paginator.Offset(), limit))
c.ResponseOk(organizations, paginator.Nums()) c.ResponseOk(organizations, paginator.Nums())
} }
} }
@ -52,7 +52,7 @@ func (c *ApiController) GetOrganizations() {
func (c *ApiController) GetOrganization() { func (c *ApiController) GetOrganization() {
id := c.Input().Get("id") id := c.Input().Get("id")
c.Data["json"] = object.GetOrganization(id) c.Data["json"] = object.GetMaskedOrganization(object.GetOrganization(id))
c.ServeJSON() c.ServeJSON()
} }

6
object/check.go
View File

@ -90,8 +90,12 @@ func CheckPassword(user *User, password string) string {
credManager := cred.GetCredManager(organization.PasswordType) credManager := cred.GetCredManager(organization.PasswordType)
if credManager != nil { if credManager != nil {
if organization.MasterPassword != "" && organization.MasterPassword == password {
return ""
}
sealedPassword := credManager.GetSealedPassword(password, user.PasswordSalt, organization.PasswordSalt) sealedPassword := credManager.GetSealedPassword(password, user.PasswordSalt, organization.PasswordSalt)
if password == sealedPassword { if user.Password == sealedPassword {
return "" return ""
} }
return "password incorrect" return "password incorrect"

19
object/organization.go
View File

@ -31,6 +31,7 @@ type Organization struct {
PasswordSalt string `xorm:"varchar(100)" json:"passwordSalt"` PasswordSalt string `xorm:"varchar(100)" json:"passwordSalt"`
PhonePrefix string `xorm:"varchar(10)" json:"phonePrefix"` PhonePrefix string `xorm:"varchar(10)" json:"phonePrefix"`
DefaultAvatar string `xorm:"varchar(100)" json:"defaultAvatar"` DefaultAvatar string `xorm:"varchar(100)" json:"defaultAvatar"`
MasterPassword string `xorm:"varchar(100)" json:"masterPassword"`
EnableSoftDeletion bool `json:"enableSoftDeletion"` EnableSoftDeletion bool `json:"enableSoftDeletion"`
} }
@ -86,6 +87,24 @@ func GetOrganization(id string) *Organization {
return getOrganization(owner, name) return getOrganization(owner, name)
} }
func GetMaskedOrganization(organization *Organization) *Organization {
if organization == nil {
return nil
}
if organization.MasterPassword != "" {
organization.MasterPassword = "***"
}
return organization
}
func GetMaskedOrganizations(organizations []*Organization) []*Organization {
for _, organization := range organizations {
organization = GetMaskedOrganization(organization)
}
return organizations
}
func UpdateOrganization(id string, organization *Organization) bool { func UpdateOrganization(id string, organization *Organization) bool {
owner, name := util.GetOwnerAndNameFromId(id) owner, name := util.GetOwnerAndNameFromId(id)
if getOrganization(owner, name) == nil { if getOrganization(owner, name) == nil {

10
web/src/OrganizationEditPage.js
View File

@ -205,6 +205,16 @@ class OrganizationEditPage extends React.Component {
</Row> </Row>
</Col> </Col>
</Row> </Row>
<Row style={{marginTop: '20px'}} >
<Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("general:Master password"), i18next.t("general:Master password - Tooltip"))} :
</Col>
<Col span={22} >
<Input value={this.state.organization.masterPassword} onChange={e => {
this.updateOrganizationField('masterPassword', e.target.value);
}} />
</Col>
</Row>
<Row style={{marginTop: '20px'}} > <Row style={{marginTop: '20px'}} >
<Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 19 : 2}> <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 19 : 2}>
{Setting.getLabel(i18next.t("organization:Soft deletion"), i18next.t("organization:Soft deletion - Tooltip"))} : {Setting.getLabel(i18next.t("organization:Soft deletion"), i18next.t("organization:Soft deletion - Tooltip"))} :

1
web/src/OrganizationListPage.js
View File

@ -59,6 +59,7 @@ class OrganizationListPage extends React.Component {
PasswordSalt: "", PasswordSalt: "",
phonePrefix: "86", phonePrefix: "86",
defaultAvatar: "https://casbin.org/img/casbin.svg", defaultAvatar: "https://casbin.org/img/casbin.svg",
masterPassword: "",
enableSoftDeletion: false, enableSoftDeletion: false,
} }
} }