Improve org admin permissions

2025-07-03 12:30:19 +08:00 · 2022-10-07 15:59:23 +08:00
parent 0a9058a585
commit d3a2c2a66e
1 changed files with 8 additions and 0 deletions
--- a/authz/authz.go
+++ b/authz/authz.go
@ -15,12 +15,14 @@
 package authz

 import (
+	"fmt"
 	"strings"

 	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/model"
 	xormadapter "github.com/casbin/xorm-adapter/v3"
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/object"
 	stringadapter "github.com/qiangmzsx/string-adapter/v2"
 )

@ -138,6 +140,12 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o
 		}
 	}

+	userId := fmt.Sprintf("%s/%s", subOwner, subName)
+	user := object.GetUser(userId)
+	if user != nil && user.IsAdmin && subOwner == objOwner {
+		return true
+	}
+
 	res, err := Enforcer.Enforce(subOwner, subName, method, urlPath, objOwner, objName)
 	if err != nil {
 		panic(err)