llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 04:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: get-user API respects org's account item's view rules now (#3882)

Browse Source
This commit is contained in:
DacongDA
2025-06-16 20:09:21 +08:00
committed by GitHub
parent 12cc0f429e
commit 6dc7b4d533
3 changed files with 121 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
object/user.go
View File

@ -661,6 +661,62 @@ func GetMaskedUser(user *User, isAdminOrSelf bool, errs ...error) (*User, error)
return user, nil
}
func GetFilteredUser(user *User, isAdmin bool, isAdminOrSelf bool, accountItems []*AccountItem) (*User, error) {
if accountItems == nil || len(accountItems) == 0 {
return user, nil
}
userFieldMap := map[string]int{}
reflectedUserField := reflect.TypeOf(User{})
for i := 0; i < reflectedUserField.NumField(); i++ {
userFieldMap[strings.ToLower(reflectedUserField.Field(i).Name)] = i
}
reflectedUser := reflect.ValueOf(user).Elem()
for _, accountItem := range accountItems {
if accountItem.ViewRule == "Public" {
continue
} else if accountItem.ViewRule == "Self" && isAdminOrSelf {
continue
} else if accountItem.ViewRule == "Admin" && isAdmin {
continue
}
lowerCaseAccountItemName := strings.ToLower(accountItem.Name)
lowerCaseAccountItemName = strings.ReplaceAll(lowerCaseAccountItemName, " ", "")
switch accountItem.Name {
case "Multi-factor authentication":
lowerCaseAccountItemName = strings.ToLower("PreferredMfaType")
case "User type":
lowerCaseAccountItemName = "type"
case "Country/Region":
lowerCaseAccountItemName = "region"
case "ID card info":
{
infoKeys := []string{"idCardWithPerson", "idCardFront", "idCardWithPerson"}
for _, infoKey := range infoKeys {
if _, ok := user.Properties[infoKey]; ok {
user.Properties[infoKey] = ""
}
}
continue
}
}
fieldIdx, ok := userFieldMap[lowerCaseAccountItemName]
if !ok {
continue
}
reflectedUser.Field(fieldIdx).SetZero()
}
return user, nil
}
func GetMaskedUsers(users []*User, errs ...error) ([]*User, error) {
if len(errs) > 0 && errs[0] != nil {
return nil, errs[0]