Allow global admin to modify username.

2025-09-09 20:32:55 +08:00 · 2022-01-13 23:19:36 +08:00
parent fe48c38bc6
commit b91b4aec91
5 changed files with 15 additions and 4 deletions
--- a/controllers/base.go
+++ b/controllers/base.go
@@ -18,6 +18,7 @@ import (
 	"time"
 	"github.com/astaxie/beego"
 	"github.com/casbin/casdoor/object"
 	"github.com/casbin/casdoor/util"
 )
@@ -35,6 +36,12 @@ type SessionData struct {
 	ExpireTime int64
 }
 func (c *ApiController) IsGlobalAdmin() bool {
 	username := c.GetSessionUsername()
 	user := object.GetUser(username)
 	return user.Owner == "built-in" || user.IsGlobalAdmin
 }
 // GetSessionUsername ...
 func (c *ApiController) GetSessionUsername() string {
 	// check if user session expired
--- a/controllers/resource.go
+++ b/controllers/resource.go
@@ -202,7 +202,7 @@ func (c *ApiController) UploadResource() {
 		}
 		user.Avatar = fileUrl
-		object.UpdateUser(user.GetId(), user, []string{"avatar"})
+		object.UpdateUser(user.GetId(), user, []string{"avatar"}, false)
 	case "termsOfUse":
 		applicationId := fmt.Sprintf("admin/%s", parent)
 		app := object.GetApplication(applicationId)
--- a/controllers/user.go
+++ b/controllers/user.go
@@ -125,7 +125,8 @@ func (c *ApiController) UpdateUser() {
 		columns = strings.Split(columnsStr, ",")
 	}
-	affected := object.UpdateUser(id, &user, columns)
+	isGlobalAdmin := c.IsGlobalAdmin()
 	affected := object.UpdateUser(id, &user, columns, isGlobalAdmin)
 	if affected {
 		object.UpdateUserToOriginalDatabase(&user)
 	}
--- a/object/user.go
+++ b/object/user.go
@@ -270,7 +270,7 @@ func GetLastUser(owner string) *User {
 	return nil
 }
-func UpdateUser(id string, user *User, columns []string) bool {
+func UpdateUser(id string, user *User, columns []string, isGlobalAdmin bool) bool {
 	owner, name := util.GetOwnerAndNameFromIdNoCheck(id)
 	oldUser := getUser(owner, name)
 	if oldUser == nil {
@@ -288,6 +288,9 @@ func UpdateUser(id string, user *User, columns []string) bool {
 			"location", "address", "region", "language", "affiliation", "title", "homepage", "bio", "score", "tag",
 			"is_admin", "is_global_admin", "is_forbidden", "is_deleted", "hash", "is_default_avatar", "properties"}
 	}
 	if isGlobalAdmin {
 		columns = append(columns, "name")
 	}
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).Cols(columns...).Update(user)
 	if err != nil {
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@@ -140,7 +140,7 @@ class UserEditPage extends React.Component {
            {Setting.getLabel(i18next.t("general:Name"), i18next.t("general:Name - Tooltip"))} :
          </Col>
          <Col span={22} >
-            <Input value={this.state.user.name} disabled={true} onChange={e => {
+            <Input value={this.state.user.name} disabled={!Setting.isAdminUser(this.props.account)} onChange={e => {
              this.updateUserField('name', e.target.value);
            }} />
          </Col>