llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-22 18:25:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove isGlobalAdmin field in user (#2235)

Browse Source 
* refactor: remove isGlobalAdmin field in user

* fix: upload xlsx

* fix: remove field in account table
This commit is contained in:
Yaodong Yu 2023-08-19 12:23:15 +08:00 committed by GitHub
parent a07216d0e1
commit e5a189e0f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
28 changed files with 212 additions and 763 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
controllers/account.go
View File

@ -171,7 +171,6 @@ func (c *ApiController) Signup() {
Region: authForm.Region,
Score: initScore,
IsAdmin: false,
IsGlobalAdmin: false,
IsForbidden: false,
IsDeleted: false,
SignupApplication: application.Name,

3
controllers/auth.go
View File

@ -70,7 +70,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
}
// check user's tag
if !user.IsGlobalAdmin && !user.IsAdmin && len(application.Tags) > 0 {
if !user.IsGlobalAdmin() && !user.IsAdmin && len(application.Tags) > 0 {
// only users with the tag that is listed in the application tags can login
if !util.InSlice(application.Tags, user.Tag) {
c.ResponseError(fmt.Sprintf(c.T("auth:User's tag: %s is not listed in the application's tags"), user.Tag))
@ -589,7 +589,6 @@ func (c *ApiController) Login() {
Region: userInfo.CountryCode,
Score: initScore,
IsAdmin: false,
IsGlobalAdmin: false,
IsForbidden: false,
IsDeleted: false,
SignupApplication: application.Name,

2
controllers/base.go
View File

@ -79,7 +79,7 @@ func (c *ApiController) isGlobalAdmin() (bool, *object.User) {
return false, nil
}
return user.Owner == "built-in" || user.IsGlobalAdmin, user
return user.IsGlobalAdmin(), user
}
func (c *ApiController) getCurrentUser() *object.User {

4
controllers/link.go
View File

@ -45,13 +45,13 @@ func (c *ApiController) Unlink() {
// the user will be unlinked from the provider
unlinkedUser := form.User
if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin {
if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin() {
// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
c.ResponseError(c.T("link:You are not the global admin, you can't unlink other users"))
return
}
if user.Id == unlinkedUser.Id && !user.IsGlobalAdmin {
if user.Id == unlinkedUser.Id && !user.IsGlobalAdmin() {
// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.
application, err := object.GetApplicationByUser(user)
if err != nil {

1
init_data.json.template
View File

@ -123,7 +123,6 @@
"score": 2000,
"ranking": 1,
"isAdmin": true,
"isGlobalAdmin": true,
"isForbidden": false,
"isDeleted": false,
"signupApplication": "",

2
ldap/server.go
View File

@ -62,7 +62,7 @@ func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
return
}
if bindOrg == "built-in" || bindUser.IsGlobalAdmin {
if bindOrg == "built-in" || bindUser.IsGlobalAdmin() {
m.Client.IsGlobalAdmin, m.Client.IsOrgAdmin = true, true
} else if bindUser.IsAdmin {
m.Client.IsOrgAdmin = true

4
object/check.go
View File

@ -141,7 +141,7 @@ func checkSigninErrorTimes(user *User, lang string) string {
// reset the error times
user.SigninWrongTimes = 0
UpdateUser(user.GetId(), user, []string{"signin_wrong_times"}, user.IsGlobalAdmin)
UpdateUser(user.GetId(), user, []string{"signin_wrong_times"}, false)
}
return ""
@ -319,7 +319,7 @@ func CheckUserPermission(requestUserId, userId string, strict bool, lang string)
if requestUser == nil {
return false, fmt.Errorf(i18n.Translate(lang, "check:Session outdated, please login again"))
}
if requestUser.IsGlobalAdmin {
if requestUser.IsGlobalAdmin() {
hasPermission = true
} else if requestUserId == userId {
hasPermission = true

4
object/check_util.go
View File

@ -42,7 +42,7 @@ func resetUserSigninErrorTimes(user *User) {
return
}
user.SigninWrongTimes = 0
UpdateUser(user.GetId(), user, []string{"signin_wrong_times", "last_signin_wrong_time"}, user.IsGlobalAdmin)
UpdateUser(user.GetId(), user, []string{"signin_wrong_times", "last_signin_wrong_time"}, false)
}
func recordSigninErrorInfo(user *User, lang string, options ...bool) string {
@ -61,7 +61,7 @@ func recordSigninErrorInfo(user *User, lang string, options ...bool) string {
}
// update user
UpdateUser(user.GetId(), user, []string{"signin_wrong_times", "last_signin_wrong_time"}, user.IsGlobalAdmin)
UpdateUser(user.GetId(), user, []string{"signin_wrong_times", "last_signin_wrong_time"}, false)
leftChances := SigninWrongTimesLimit - user.SigninWrongTimes
if leftChances == 0 && enableCaptcha {
return fmt.Sprint(i18n.Translate(lang, "check:password or code is incorrect"))

2
object/init.go
View File

@ -73,7 +73,6 @@ func getBuiltInAccountItems() []*AccountItem {
{Name: "3rd-party logins", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
{Name: "Properties", Visible: false, ViewRule: "Admin", ModifyRule: "Admin"},
{Name: "Is admin", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
{Name: "Is global admin", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
{Name: "Is forbidden", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
{Name: "Is deleted", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
{Name: "Multi-factor authentication", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
@ -145,7 +144,6 @@ func initBuiltInUser() {
Score: 2000,
Ranking: 1,
IsAdmin: true,
IsGlobalAdmin: true,
IsForbidden: false,
IsDeleted: false,
SignupApplication: "app-built-in",

4
object/mfa.go
View File

@ -84,7 +84,7 @@ func MfaRecover(user *User, recoveryCode string) error {
return fmt.Errorf("recovery code not found")
}
_, err := UpdateUser(user.GetId(), user, []string{"recovery_codes"}, user.IsAdminUser())
_, err := UpdateUser(user.GetId(), user, []string{"recovery_codes"}, false)
if err != nil {
return err
}
@ -181,7 +181,7 @@ func DisabledMultiFactorAuth(user *User) error {
func SetPreferredMultiFactorAuth(user *User, mfaType string) error {
user.PreferredMfaType = mfaType
_, err := UpdateUser(user.GetId(), user, []string{"preferred_mfa_type"}, user.IsAdminUser())
_, err := UpdateUser(user.GetId(), user, []string{"preferred_mfa_type"}, false)
if err != nil {
return err
}

2
object/oidc_discovery.go
View File

@ -103,7 +103,7 @@ func GetOidcDiscovery(host string) OidcDiscovery {
SubjectTypesSupported: []string{"public"},
IdTokenSigningAlgValuesSupported: []string{"RS256"},
ScopesSupported: []string{"openid", "email", "profile", "address", "phone", "offline_access"},
ClaimsSupported: []string{"iss", "ver", "sub", "aud", "iat", "exp", "id", "type", "displayName", "avatar", "permanentAvatar", "email", "phone", "location", "affiliation", "title", "homepage", "bio", "tag", "region", "language", "score", "ranking", "isOnline", "isAdmin", "isGlobalAdmin", "isForbidden", "signupApplication", "ldap"},
ClaimsSupported: []string{"iss", "ver", "sub", "aud", "iat", "exp", "id", "type", "displayName", "avatar", "permanentAvatar", "email", "phone", "location", "affiliation", "title", "homepage", "bio", "tag", "region", "language", "score", "ranking", "isOnline", "isAdmin", "isForbidden", "signupApplication", "ldap"},
RequestParameterSupported: true,
RequestObjectSigningAlgValuesSupported: []string{"HS256", "HS384", "HS512"},
EndSessionEndpoint: fmt.Sprintf("%s/api/logout", originBackend),

3
object/syncer_util.go
View File

@ -154,8 +154,6 @@ func (syncer *Syncer) setUserByKeyValue(user *User, key string, value string) {
user.IsOnline = util.ParseBool(value)
case "IsAdmin":
user.IsAdmin = util.ParseBool(value)
case "IsGlobalAdmin":
user.IsGlobalAdmin = util.ParseBool(value)
case "IsForbidden":
user.IsForbidden = util.ParseBool(value)
case "IsDeleted":
@ -289,7 +287,6 @@ func (syncer *Syncer) getMapFromOriginalUser(user *OriginalUser) map[string]stri
m["IsDefaultAvatar"] = util.BoolToString(user.IsDefaultAvatar)
m["IsOnline"] = util.BoolToString(user.IsOnline)
m["IsAdmin"] = util.BoolToString(user.IsAdmin)
m["IsGlobalAdmin"] = util.BoolToString(user.IsGlobalAdmin)
m["IsForbidden"] = util.BoolToString(user.IsForbidden)
m["IsDeleted"] = util.BoolToString(user.IsDeleted)
m["CreatedIp"] = user.CreatedIp

1
object/token.go
View File

@ -824,7 +824,6 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
Type: "normal-user",
CreatedTime: util.GetCurrentTime(),
IsAdmin: false,
IsGlobalAdmin: false,
IsForbidden: false,
IsDeleted: false,
Properties: map[string]string{

2
object/token_jwt.go
View File

@ -73,7 +73,6 @@ type UserWithoutThirdIdp struct {
IsDefaultAvatar bool `json:"isDefaultAvatar"`
IsOnline bool `json:"isOnline"`
IsAdmin bool `json:"isAdmin"`
IsGlobalAdmin bool `json:"isGlobalAdmin"`
IsForbidden bool `json:"isForbidden"`
IsDeleted bool `json:"isDeleted"`
SignupApplication string `xorm:"varchar(100)" json:"signupApplication"`
@ -154,7 +153,6 @@ func getUserWithoutThirdIdp(user *User) *UserWithoutThirdIdp {
IsDefaultAvatar: user.IsDefaultAvatar,
IsOnline: user.IsOnline,
IsAdmin: user.IsAdmin,
IsGlobalAdmin: user.IsGlobalAdmin,
IsForbidden: user.IsForbidden,
IsDeleted: user.IsDeleted,
SignupApplication: user.SignupApplication,

13
object/user.go
View File

@ -83,7 +83,6 @@ type User struct {
IsDefaultAvatar bool `json:"isDefaultAvatar"`
IsOnline bool `json:"isOnline"`
IsAdmin bool `json:"isAdmin"`
IsGlobalAdmin bool `json:"isGlobalAdmin"`
IsForbidden bool `json:"isForbidden"`
IsDeleted bool `json:"isDeleted"`
SignupApplication string `xorm:"varchar(100)" json:"signupApplication"`
@ -530,7 +529,7 @@ func UpdateUser(id string, user *User, columns []string, isAdmin bool) (bool, er
columns = []string{
"owner", "display_name", "avatar",
"location", "address", "country_code", "region", "language", "affiliation", "title", "homepage", "bio", "tag", "language", "gender", "birthday", "education", "score", "karma", "ranking", "signup_application",
"is_admin", "is_global_admin", "is_forbidden", "is_deleted", "hash", "is_default_avatar", "properties", "webauthnCredentials", "managedAccounts",
"is_admin", "is_forbidden", "is_deleted", "hash", "is_default_avatar", "properties", "webauthnCredentials", "managedAccounts",
"signin_wrong_times", "last_signin_wrong_time", "groups", "access_key", "access_secret",
"github", "google", "qq", "wechat", "facebook", "dingtalk", "weibo", "gitee", "linkedin", "wecom", "lark", "gitlab", "adfs",
"baidu", "alipay", "casdoor", "infoflow", "apple", "azuread", "slack", "steam", "bilibili", "okta", "douyin", "line", "amazon",
@ -891,5 +890,13 @@ func (user *User) IsApplicationAdmin(application *Application) bool {
return false
}
return (user.Owner == application.Organization && user.IsAdmin) || user.IsGlobalAdmin
return (user.Owner == application.Organization && user.IsAdmin) || user.IsGlobalAdmin()
}
func (user *User) IsGlobalAdmin() bool {
if user == nil {
return false
}
return user.Owner == "built-in"
}

13
object/user_upload.go
View File

@ -124,15 +124,14 @@ func UploadUsers(owner string, fileId string) (bool, error) {
IsDefaultAvatar: false,
IsOnline: parseLineItemBool(&line, 31),
IsAdmin: parseLineItemBool(&line, 32),
IsGlobalAdmin: parseLineItemBool(&line, 33),
IsForbidden: parseLineItemBool(&line, 34),
IsDeleted: parseLineItemBool(&line, 35),
SignupApplication: parseLineItem(&line, 36),
IsForbidden: parseLineItemBool(&line, 33),
IsDeleted: parseLineItemBool(&line, 34),
SignupApplication: parseLineItem(&line, 35),
Hash: "",
PreHash: "",
CreatedIp: parseLineItem(&line, 37),
LastSigninTime: parseLineItem(&line, 38),
LastSigninIp: parseLineItem(&line, 39),
CreatedIp: parseLineItem(&line, 36),
LastSigninTime: parseLineItem(&line, 37),
LastSigninIp: parseLineItem(&line, 38),
Ldap: "",
Properties: map[string]string{},
}

7
object/user_util.go
View File

@ -310,10 +310,7 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
item := GetAccountItemByName("Is admin", organization)
itemsChanged = append(itemsChanged, item)
}
if oldUser.IsGlobalAdmin != newUser.IsGlobalAdmin {
item := GetAccountItemByName("Is global admin", organization)
itemsChanged = append(itemsChanged, item)
}
if oldUser.IsForbidden != newUser.IsForbidden {
item := GetAccountItemByName("Is forbidden", organization)
itemsChanged = append(itemsChanged, item)
@ -351,5 +348,5 @@ func (user *User) IsAdminUser() bool {
return false
}
return user.IsAdmin || user.IsGlobalAdmin
return user.IsAdmin || user.IsGlobalAdmin()
}

517
swagger/swagger.json
View File

@ -131,34 +131,6 @@
}
}
},
"/api/add-chat": {
"post": {
"tags": [
"Chat API"
],
"description": "add chat",
"operationId": "ApiController.AddChat",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The details of the chat",
"required": true,
"schema": {
"$ref": "#/definitions/object.Chat"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/add-enforcer": {
"post": {
"tags": [
@ -243,34 +215,6 @@
}
}
},
"/api/add-message": {
"post": {
"tags": [
"Message API"
],
"description": "add message",
"operationId": "ApiController.AddMessage",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The details of the message",
"required": true,
"schema": {
"$ref": "#/definitions/object.Message"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/add-model": {
"post": {
"tags": [
@ -1077,34 +1021,6 @@
}
}
},
"/api/delete-chat": {
"post": {
"tags": [
"Chat API"
],
"description": "delete chat",
"operationId": "ApiController.DeleteChat",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The details of the chat",
"required": true,
"schema": {
"$ref": "#/definitions/object.Chat"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/delete-enforcer": {
"post": {
"tags": [
@ -1189,34 +1105,6 @@
}
}
},
"/api/delete-message": {
"post": {
"tags": [
"Message API"
],
"description": "delete message",
"operationId": "ApiController.DeleteMessage",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The details of the message",
"required": true,
"schema": {
"$ref": "#/definitions/object.Message"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/delete-mfa/": {
"post": {
"tags": [
@ -1964,56 +1852,18 @@
}
}
},
"/api/get-chat": {
"/api/get-dashboard": {
"get": {
"tags": [
"Chat API"
],
"description": "get chat",
"operationId": "ApiController.GetChat",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name ) of the chat",
"required": true,
"type": "string"
}
"GetDashboard API"
],
"description": "get information of dashboard",
"operationId": "ApiController.GetDashboard",
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/object.Chat"
}
}
}
}
},
"/api/get-chats": {
"get": {
"tags": [
"Chat API"
],
"description": "get chats",
"operationId": "ApiController.GetChats",
"parameters": [
{
"in": "query",
"name": "owner",
"description": "The owner of chats",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/object.Chat"
}
"$ref": "#/definitions/controllers.Response"
}
}
}
@ -2319,87 +2169,6 @@
}
}
},
"/api/get-message": {
"get": {
"tags": [
"Message API"
],
"description": "get message",
"operationId": "ApiController.GetMessage",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name ) of the message",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/object.Message"
}
}
}
}
},
"/api/get-message-answer": {
"get": {
"tags": [
"Message API"
],
"description": "get message answer",
"operationId": "ApiController.GetMessageAnswer",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name ) of the message",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/object.Message"
}
}
}
}
},
"/api/get-messages": {
"get": {
"tags": [
"Message API"
],
"description": "get messages",
"operationId": "ApiController.GetMessages",
"parameters": [
{
"in": "query",
"name": "owner",
"description": "The owner of messages",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/object.Message"
}
}
}
}
}
},
"/api/get-model": {
"get": {
"tags": [
@ -4481,41 +4250,6 @@
}
}
},
"/api/update-chat": {
"post": {
"tags": [
"Chat API"
],
"description": "update chat",
"operationId": "ApiController.UpdateChat",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name ) of the chat",
"required": true,
"type": "string"
},
{
"in": "body",
"name": "body",
"description": "The details of the chat",
"required": true,
"schema": {
"$ref": "#/definitions/object.Chat"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/update-enforcer": {
"post": {
"tags": [
@ -4614,41 +4348,6 @@
}
}
},
"/api/update-message": {
"post": {
"tags": [
"Message API"
],
"description": "update message",
"operationId": "ApiController.UpdateMessage",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name ) of the message",
"required": true,
"type": "string"
},
{
"in": "body",
"name": "body",
"description": "The details of the message",
"required": true,
"schema": {
"$ref": "#/definitions/object.Message"
}
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"$ref": "#/definitions/controllers.Response"
}
}
}
}
},
"/api/update-model": {
"post": {
"tags": [
@ -5431,6 +5130,14 @@
}
},
"definitions": {
"1183.0xc000639290.false": {
"title": "false",
"type": "object"
},
"1217.0xc0006392c0.false": {
"title": "false",
"type": "object"
},
"LaravelResponse": {
"title": "LaravelResponse",
"type": "object"
@ -5484,16 +5191,10 @@
"type": "object",
"properties": {
"data": {
"additionalProperties": {
"description": "support string, struct or []struct",
"type": "string"
}
"$ref": "#/definitions/1183.0xc000639290.false"
},
"data2": {
"additionalProperties": {
"description": "support string, struct or []struct",
"type": "string"
}
"$ref": "#/definitions/1217.0xc0006392c0.false"
},
"msg": {
"type": "string"
@ -5531,10 +5232,18 @@
"title": "JSONWebKey",
"type": "object"
},
"model.Model": {
"title": "Model",
"type": "object"
},
"object": {
"title": "object",
"type": "object"
},
"object.\u0026{197049 0xc000a2cd50 false}": {
"title": "\u0026{197049 0xc000a2cd50 false}",
"type": "object"
},
"object.AccountItem": {
"title": "AccountItem",
"type": "object",
@ -5557,16 +5266,41 @@
"title": "Adapter",
"type": "object",
"properties": {
"Engine": {
"$ref": "#/definitions/xorm.Engine"
},
"dataSourceName": {
"createdTime": {
"type": "string"
},
"dbName": {
"database": {
"type": "string"
},
"driverName": {
"databaseType": {
"type": "string"
},
"host": {
"type": "string"
},
"name": {
"type": "string"
},
"owner": {
"type": "string"
},
"password": {
"type": "string"
},
"port": {
"type": "integer",
"format": "int64"
},
"table": {
"type": "string"
},
"tableNamePrefix": {
"type": "string"
},
"type": {
"type": "string"
},
"user": {
"type": "string"
}
}
@ -5728,7 +5462,7 @@
"title": "CasbinRequest",
"type": "array",
"items": {
"$ref": "#/definitions/object.CasbinRequest"
"$ref": "#/definitions/object.\u0026{197049 0xc000a2cd50 false}"
}
},
"object.Cert": {
@ -5778,52 +5512,6 @@
}
}
},
"object.Chat": {
"title": "Chat",
"type": "object",
"properties": {
"category": {
"type": "string"
},
"createdTime": {
"type": "string"
},
"displayName": {
"type": "string"
},
"messageCount": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
},
"organization": {
"type": "string"
},
"owner": {
"type": "string"
},
"type": {
"type": "string"
},
"updatedTime": {
"type": "string"
},
"user1": {
"type": "string"
},
"user2": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"object.Enforce": {
"title": "Enforce",
"type": "object"
@ -5844,12 +5532,14 @@
"displayName": {
"type": "string"
},
"isEnabled": {
"type": "boolean"
},
"model": {
"type": "string"
},
"modelCfg": {
"additionalProperties": {
"type": "string"
}
},
"name": {
"type": "string"
},
@ -6084,36 +5774,6 @@
}
}
},
"object.Message": {
"title": "Message",
"type": "object",
"properties": {
"author": {
"type": "string"
},
"chat": {
"type": "string"
},
"createdTime": {
"type": "string"
},
"name": {
"type": "string"
},
"organization": {
"type": "string"
},
"owner": {
"type": "string"
},
"replyTo": {
"type": "string"
},
"text": {
"type": "string"
}
}
},
"object.MfaItem": {
"title": "MfaItem",
"type": "object",
@ -6169,9 +5829,6 @@
"displayName": {
"type": "string"
},
"isEnabled": {
"type": "boolean"
},
"modelText": {
"type": "string"
},
@ -6349,6 +6006,24 @@
}
}
},
"object.Ormer": {
"title": "Ormer",
"type": "object",
"properties": {
"Engine": {
"$ref": "#/definitions/xorm.Engine"
},
"dataSourceName": {
"type": "string"
},
"dbName": {
"type": "string"
},
"driverName": {
"type": "string"
}
}
},
"object.Payment": {
"title": "Payment",
"type": "object",
@ -6386,7 +6061,7 @@
"name": {
"type": "string"
},
"organization": {
"outOrderId": {
"type": "string"
},
"owner": {
@ -6424,7 +6099,7 @@
"type": "string"
},
"state": {
"type": "string"
"$ref": "#/definitions/pp.PaymentState"
},
"tag": {
"type": "string"
@ -7124,9 +6799,6 @@
"$ref": "#/definitions/object.TableColumn"
}
},
"tablePrimaryKey": {
"type": "string"
},
"type": {
"type": "string"
},
@ -7145,6 +6817,9 @@
"isHashed": {
"type": "boolean"
},
"isKey": {
"type": "boolean"
},
"name": {
"type": "string"
},
@ -7464,9 +7139,6 @@
"isForbidden": {
"type": "boolean"
},
"isGlobalAdmin": {
"type": "boolean"
},
"isOnline": {
"type": "boolean"
},
@ -7692,6 +7364,9 @@
"vk": {
"type": "string"
},
"web3onboard": {
"type": "string"
},
"webauthnCredentials": {
"type": "array",
"items": {
@ -7811,6 +7486,18 @@
}
}
},
"pp.PaymentState": {
"title": "PaymentState",
"type": "string",
"enum": [
"PaymentStatePaid = \"Paid\"",
"PaymentStateCreated = \"Created\"",
"PaymentStateCanceled = \"Canceled\"",
"PaymentStateTimeout = \"Timeout\"",
"PaymentStateError = \"Error\""
],
"example": "Paid"
},
"protocol.CredentialAssertion": {
"title": "CredentialAssertion",
"type": "object"
@ -7871,6 +7558,10 @@
"xorm.Engine": {
"title": "Engine",
"type": "object"
},
"xormadapter.Adapter": {
"title": "Adapter",
"type": "object"
}
},
"securityDefinitions": {
@ -7879,9 +7570,5 @@
"name": "Authorization",
"in": "header"
}
},
"externalDocs": {
"description": "Find out more about Casdoor",
"url": "https://casdoor.org/"
}
}

353
swagger/swagger.yml
View File

@ -85,24 +85,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/add-chat:
post:
tags:
- Chat API
description: add chat
operationId: ApiController.AddChat
parameters:
- in: body
name: body
description: The details of the chat
required: true
schema:
$ref: '#/definitions/object.Chat'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/add-enforcer:
post:
tags:
@ -157,24 +139,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/add-message:
post:
tags:
- Message API
description: add message
operationId: ApiController.AddMessage
parameters:
- in: body
name: body
description: The details of the message
required: true
schema:
$ref: '#/definitions/object.Message'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/add-model:
post:
tags:
@ -696,24 +660,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/delete-chat:
post:
tags:
- Chat API
description: delete chat
operationId: ApiController.DeleteChat
parameters:
- in: body
name: body
description: The details of the chat
required: true
schema:
$ref: '#/definitions/object.Chat'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/delete-enforcer:
post:
tags:
@ -768,24 +714,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/delete-message:
post:
tags:
- Message API
description: delete message
operationId: ApiController.DeleteMessage
parameters:
- in: body
name: body
description: The details of the message
required: true
schema:
$ref: '#/definitions/object.Message'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/delete-mfa/:
post:
tags:
@ -1271,42 +1199,17 @@ paths:
type: array
items:
$ref: '#/definitions/object.Cert'
/api/get-chat:
/api/get-dashboard:
get:
tags:
- Chat API
description: get chat
operationId: ApiController.GetChat
parameters:
- in: query
name: id
description: The id ( owner/name ) of the chat
required: true
type: string
- GetDashboard API
description: get information of dashboard
operationId: ApiController.GetDashboard
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/object.Chat'
/api/get-chats:
get:
tags:
- Chat API
description: get chats
operationId: ApiController.GetChats
parameters:
- in: query
name: owner
description: The owner of chats
required: true
type: string
responses:
"200":
description: The Response object
schema:
type: array
items:
$ref: '#/definitions/object.Chat'
$ref: '#/definitions/controllers.Response'
/api/get-default-application:
get:
tags:
@ -1503,59 +1406,6 @@ paths:
type: array
items:
$ref: '#/definitions/object.Ldap'
/api/get-message:
get:
tags:
- Message API
description: get message
operationId: ApiController.GetMessage
parameters:
- in: query
name: id
description: The id ( owner/name ) of the message
required: true
type: string
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/object.Message'
/api/get-message-answer:
get:
tags:
- Message API
description: get message answer
operationId: ApiController.GetMessageAnswer
parameters:
- in: query
name: id
description: The id ( owner/name ) of the message
required: true
type: string
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/object.Message'
/api/get-messages:
get:
tags:
- Message API
description: get messages
operationId: ApiController.GetMessages
parameters:
- in: query
name: owner
description: The owner of messages
required: true
type: string
responses:
"200":
description: The Response object
schema:
type: array
items:
$ref: '#/definitions/object.Message'
/api/get-model:
get:
tags:
@ -2925,29 +2775,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/update-chat:
post:
tags:
- Chat API
description: update chat
operationId: ApiController.UpdateChat
parameters:
- in: query
name: id
description: The id ( owner/name ) of the chat
required: true
type: string
- in: body
name: body
description: The details of the chat
required: true
schema:
$ref: '#/definitions/object.Chat'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/update-enforcer:
post:
tags:
@ -3012,29 +2839,6 @@ paths:
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/update-message:
post:
tags:
- Message API
description: update message
operationId: ApiController.UpdateMessage
parameters:
- in: query
name: id
description: The id ( owner/name ) of the message
required: true
type: string
- in: body
name: body
description: The details of the message
required: true
schema:
$ref: '#/definitions/object.Message'
responses:
"200":
description: The Response object
schema:
$ref: '#/definitions/controllers.Response'
/api/update-model:
post:
tags:
@ -3549,6 +3353,12 @@ paths:
schema:
$ref: '#/definitions/controllers.Response'
definitions:
1183.0xc000639290.false:
title: "false"
type: object
1217.0xc0006392c0.false:
title: "false"
type: object
LaravelResponse:
title: LaravelResponse
type: object
@ -3588,13 +3398,9 @@ definitions:
type: object
properties:
data:
additionalProperties:
description: support string, struct or []struct
type: string
$ref: '#/definitions/1183.0xc000639290.false'
data2:
additionalProperties:
description: support string, struct or []struct
type: string
$ref: '#/definitions/1217.0xc0006392c0.false'
msg:
type: string
name:
@ -3618,9 +3424,15 @@ definitions:
jose.JSONWebKey:
title: JSONWebKey
type: object
model.Model:
title: Model
type: object
object:
title: object
type: object
object.&{197049 0xc000a2cd50 false}:
title: '&{197049 0xc000a2cd50 false}'
type: object
object.AccountItem:
title: AccountItem
type: object
@ -3637,13 +3449,30 @@ definitions:
title: Adapter
type: object
properties:
Engine:
$ref: '#/definitions/xorm.Engine'
dataSourceName:
createdTime:
type: string
dbName:
database:
type: string
driverName:
databaseType:
type: string
host:
type: string
name:
type: string
owner:
type: string
password:
type: string
port:
type: integer
format: int64
table:
type: string
tableNamePrefix:
type: string
type:
type: string
user:
type: string
object.Application:
title: Application
@ -3752,7 +3581,7 @@ definitions:
title: CasbinRequest
type: array
items:
$ref: '#/definitions/object.CasbinRequest'
$ref: '#/definitions/object.&{197049 0xc000a2cd50 false}'
object.Cert:
title: Cert
type: object
@ -3785,37 +3614,6 @@ definitions:
type: string
type:
type: string
object.Chat:
title: Chat
type: object
properties:
category:
type: string
createdTime:
type: string
displayName:
type: string
messageCount:
type: integer
format: int64
name:
type: string
organization:
type: string
owner:
type: string
type:
type: string
updatedTime:
type: string
user1:
type: string
user2:
type: string
users:
type: array
items:
type: string
object.Enforce:
title: Enforce
type: object
@ -3831,10 +3629,11 @@ definitions:
type: string
displayName:
type: string
isEnabled:
type: boolean
model:
type: string
modelCfg:
additionalProperties:
type: string
name:
type: string
owner:
@ -3992,26 +3791,6 @@ definitions:
type: string
username:
type: string
object.Message:
title: Message
type: object
properties:
author:
type: string
chat:
type: string
createdTime:
type: string
name:
type: string
organization:
type: string
owner:
type: string
replyTo:
type: string
text:
type: string
object.MfaItem:
title: MfaItem
type: object
@ -4050,8 +3829,6 @@ definitions:
type: string
displayName:
type: string
isEnabled:
type: boolean
modelText:
type: string
name:
@ -4169,6 +3946,18 @@ definitions:
$ref: '#/definitions/object.ThemeData'
websiteUrl:
type: string
object.Ormer:
title: Ormer
type: object
properties:
Engine:
$ref: '#/definitions/xorm.Engine'
dataSourceName:
type: string
dbName:
type: string
driverName:
type: string
object.Payment:
title: Payment
type: object
@ -4195,7 +3984,7 @@ definitions:
type: string
name:
type: string
organization:
outOrderId:
type: string
owner:
type: string
@ -4221,7 +4010,7 @@ definitions:
returnUrl:
type: string
state:
type: string
$ref: '#/definitions/pp.PaymentState'
tag:
type: string
type:
@ -4692,8 +4481,6 @@ definitions:
type: array
items:
$ref: '#/definitions/object.TableColumn'
tablePrimaryKey:
type: string
type:
type: string
user:
@ -4706,6 +4493,8 @@ definitions:
type: string
isHashed:
type: boolean
isKey:
type: boolean
name:
type: string
type:
@ -4920,8 +4709,6 @@ definitions:
type: boolean
isForbidden:
type: boolean
isGlobalAdmin:
type: boolean
isOnline:
type: boolean
kakao:
@ -5073,6 +4860,8 @@ definitions:
type: string
vk:
type: string
web3onboard:
type: string
webauthnCredentials:
type: array
items:
@ -5151,6 +4940,16 @@ definitions:
type: string
url:
type: string
pp.PaymentState:
title: PaymentState
type: string
enum:
- PaymentStatePaid = "Paid"
- PaymentStateCreated = "Created"
- PaymentStateCanceled = "Canceled"
- PaymentStateTimeout = "Timeout"
- PaymentStateError = "Error"
example: Paid
protocol.CredentialAssertion:
title: CredentialAssertion
type: object
@ -5195,11 +4994,11 @@ definitions:
xorm.Engine:
title: Engine
type: object
xormadapter.Adapter:
title: Adapter
type: object
securityDefinitions:
AccessToken:
type: apiKey
name: Authorization
in: header
externalDocs:
description: Find out more about Casdoor
url: https://casdoor.org/

1
web/src/OrganizationListPage.js
View File

@ -81,7 +81,6 @@ class OrganizationListPage extends BaseListPage {
{name: "Properties", visible: false, viewRule: "Admin", modifyRule: "Admin"},
{name: "Is online", visible: true, viewRule: "Admin", modifyRule: "Admin"},
{name: "Is admin", visible: true, viewRule: "Admin", modifyRule: "Admin"},
{name: "Is global admin", visible: true, viewRule: "Admin", modifyRule: "Admin"},
{name: "Is forbidden", visible: true, viewRule: "Admin", modifyRule: "Admin"},
{name: "Is deleted", visible: true, viewRule: "Admin", modifyRule: "Admin"},
{Name: "Multi-factor authentication", Visible: true, ViewRule: "Self", ModifyRule: "Self"},

2
web/src/Setting.js
View File

@ -620,7 +620,7 @@ export function isAdminUser(account) {
if (account === undefined || account === null) {
return false;
}
return account.owner === "built-in" || account.isGlobalAdmin === true;
return account.owner === "built-in";
}
export function isLocalAdminUser(account) {

13
web/src/UserEditPage.js
View File

@ -842,19 +842,6 @@ class UserEditPage extends React.Component {
</Col>
</Row>
);
} else if (accountItem.name === "Is global admin") {
return (
<Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("user:Is global admin"), i18next.t("user:Is global admin - Tooltip"))} :
</Col>
<Col span={(Setting.isMobile()) ? 22 : 2} >
<Switch disabled={disabled} checked={this.state.user.isGlobalAdmin} onChange={checked => {
this.updateUserField("isGlobalAdmin", checked);
}} />
</Col>
</Row>
);
} else if (accountItem.name === "Is forbidden") {
return (
<Row style={{marginTop: "20px"}} >

13
web/src/UserListPage.js
View File

@ -81,7 +81,6 @@ class UserListPage extends BaseListPage {
tag: "staff",
region: "",
isAdmin: (owner === "built-in"),
isGlobalAdmin: (owner === "built-in"),
IsForbidden: false,
score: this.state.organization.initScore,
isDeleted: false,
@ -354,18 +353,6 @@ class UserListPage extends BaseListPage {
);
},
},
{
title: i18next.t("user:Is global admin"),
dataIndex: "isGlobalAdmin",
key: "isGlobalAdmin",
width: "140px",
sorter: true,
render: (text, record, index) => {
return (
<Switch disabled checkedChildren="ON" unCheckedChildren="OFF" checked={text} />
);
},
},
{
title: i18next.t("user:Is forbidden"),
dataIndex: "isForbidden",

1
web/src/WebhookEditPage.js
View File

@ -79,7 +79,6 @@ const userTemplate = {
"ranking": 10,
"isOnline": false,
"isAdmin": true,
"isGlobalAdmin": false,
"isForbidden": false,
"isDeleted": false,
"signupApplication": "app-casnode",

2
web/src/common/OAuthWidget.js
View File

@ -188,7 +188,7 @@ class OAuthWidget extends React.Component {
</a>
)
) : (
<Button disabled={!providerItem.canUnlink && !account.isGlobalAdmin} style={{marginLeft: "20px", width: linkButtonWidth}} onClick={() => this.unlinkUser(provider.type, linkedValue)}>{i18next.t("user:Unlink")}</Button>
<Button disabled={!providerItem.canUnlink && !Setting.isAdminUser(account)} style={{marginLeft: "20px", width: linkButtonWidth}} onClick={() => this.unlinkUser(provider.type, linkedValue)}>{i18next.t("user:Unlink")}</Button>
)
}
</Col>

3
web/src/table/AccountTable.js
View File

@ -100,7 +100,6 @@ class AccountTable extends React.Component {
{name: "Properties", label: i18next.t("user:Properties")},
{name: "Is online", label: i18next.t("user:Is online")},
{name: "Is admin", label: i18next.t("user:Is admin")},
{name: "Is global admin", label: i18next.t("user:Is global admin")},
{name: "Is forbidden", label: i18next.t("user:Is forbidden")},
{name: "Is deleted", label: i18next.t("user:Is deleted")},
{name: "Multi-factor authentication", label: i18next.t("user:Multi-factor authentication")},
@ -179,7 +178,7 @@ class AccountTable extends React.Component {
}
let options;
if (record.viewRule === "Admin" || record.name === "Is admin" || record.name === "Is global admin") {
if (record.viewRule === "Admin" || record.name === "Is admin") {
options = [
{id: "Admin", name: "Admin"},
{id: "Immutable", name: "Immutable"},

2
web/src/table/SyncerTableColumnTable.js
View File

@ -100,7 +100,7 @@ class SyncerTableColumnTable extends React.Component {
{
["Name", "CreatedTime", "UpdatedTime", "Id", "Type", "Password", "PasswordSalt", "DisplayName", "FirstName", "LastName", "Avatar", "PermanentAvatar",
"Email", "EmailVerified", "Phone", "Location", "Address", "Affiliation", "Title", "IdCardType", "IdCard", "Homepage", "Bio", "Tag", "Region",
"Language", "Gender", "Birthday", "Education", "Score", "Ranking", "IsDefaultAvatar", "IsOnline", "IsAdmin", "IsGlobalAdmin", "IsForbidden", "IsDeleted", "CreatedIp"]
"Language", "Gender", "Birthday", "Education", "Score", "Ranking", "IsDefaultAvatar", "IsOnline", "IsAdmin", "IsForbidden", "IsDeleted", "CreatedIp"]
.map((item, index) => <Option key={index} value={item}>{item}</Option>)
}
</Select>

BIN
xlsx/user_test.xlsx
View File

Binary file not shown.