llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix get-all-objects API 403 issue

Browse Source
This commit is contained in:
Yang Luo 2023-12-15 21:30:38 +08:00
parent b31a317585
commit 468ceb6b71
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
authz/authz.go
View File

@ -92,6 +92,9 @@ p, *, *, GET, /api/get-plan, *, *
p, *, *, GET, /api/get-subscription, *, *
p, *, *, GET, /api/get-provider, *, *
p, *, *, GET, /api/get-organization-names, *, *
p, *, *, GET, /api/get-all-objects, *, *
p, *, *, GET, /api/get-all-actions, *, *
p, *, *, GET, /api/get-all-roles, *, *
`
sa := stringadapter.NewAdapter(ruleText)

3
object/role.go
View File

@ -271,6 +271,9 @@ func getRolesByUserInternal(userId string) ([]*Role, error) {
if err != nil {
return roles, err
}
if user == nil {
return nil, fmt.Errorf("The user: %s doesn't exist", userId)
}
query := ormer.Engine.Alias("r").Where("r.users like ?", fmt.Sprintf("%%%s%%", userId))
for _, group := range user.Groups {