Skip to content

Commit

Permalink
Improve org admin permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@nomeguy
nomeguy committed Oct 7, 2022
1 parent 0a9058a commit d3a2c2a
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions authz/authz.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,14 @@
package authz

import (
"fmt"
"strings"

"github.com/casbin/casbin/v2"
"github.com/casbin/casbin/v2/model"
xormadapter "github.com/casbin/xorm-adapter/v3"
"github.com/casdoor/casdoor/conf"
"github.com/casdoor/casdoor/object"
stringadapter "github.com/qiangmzsx/string-adapter/v2"
)

Expand Down Expand Up @@ -138,6 +140,12 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o
}
}

userId := fmt.Sprintf("%s/%s", subOwner, subName)
user := object.GetUser(userId)
if user != nil && user.IsAdmin && subOwner == objOwner {
return true
}

res, err := Enforcer.Enforce(subOwner, subName, method, urlPath, objOwner, objName)
if err != nil {
panic(err)
Expand Down

0 comments on commit d3a2c2a

Please sign in to comment.