github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/cmd/hkserver/commands/roles.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package commands 5 6 import ( 7 "errors" 8 "strings" 9 10 "github.com/spf13/cobra" 11 12 "github.com/masterhung0112/hk_server/v5/audit" 13 "github.com/masterhung0112/hk_server/v5/model" 14 ) 15 16 var RolesCmd = &cobra.Command{ 17 Use: "roles", 18 Short: "Management of user roles", 19 } 20 21 var MakeSystemAdminCmd = &cobra.Command{ 22 Use: "system_admin [users]", 23 Short: "Set a user as system admin", 24 Long: "Make some users system admins", 25 Example: " roles system_admin user1", 26 RunE: makeSystemAdminCmdF, 27 } 28 29 var MakeMemberCmd = &cobra.Command{ 30 Use: "member [users]", 31 Short: "Remove system admin privileges", 32 Long: "Remove system admin privileges from some users.", 33 Example: " roles member user1", 34 RunE: makeMemberCmdF, 35 } 36 37 func init() { 38 RolesCmd.AddCommand( 39 MakeSystemAdminCmd, 40 MakeMemberCmd, 41 ) 42 RootCmd.AddCommand(RolesCmd) 43 } 44 45 func makeSystemAdminCmdF(command *cobra.Command, args []string) error { 46 a, err := InitDBCommandContextCobra(command) 47 if err != nil { 48 return err 49 } 50 defer a.Srv().Shutdown() 51 52 if len(args) < 1 { 53 return errors.New("Enter at least one user.") 54 } 55 56 users := getUsersFromUserArgs(a, args) 57 for i, user := range users { 58 if user == nil { 59 return errors.New("Unable to find user '" + args[i] + "'") 60 } 61 62 systemAdmin := false 63 systemUser := false 64 65 roles := strings.Fields(user.Roles) 66 for _, role := range roles { 67 switch role { 68 case model.SYSTEM_ADMIN_ROLE_ID: 69 systemAdmin = true 70 case model.SYSTEM_USER_ROLE_ID: 71 systemUser = true 72 } 73 } 74 75 if !systemUser { 76 roles = append(roles, model.SYSTEM_USER_ROLE_ID) 77 } 78 if !systemAdmin { 79 roles = append(roles, model.SYSTEM_ADMIN_ROLE_ID) 80 } 81 82 updatedUser, errUpdate := a.UpdateUserRoles(user.Id, strings.Join(roles, " "), true) 83 if errUpdate != nil { 84 return errUpdate 85 } 86 87 auditRec := a.MakeAuditRecord("makeSystemAdmin", audit.Success) 88 auditRec.AddMeta("user", user) 89 auditRec.AddMeta("update", updatedUser) 90 a.LogAuditRec(auditRec, nil) 91 } 92 return nil 93 } 94 95 func makeMemberCmdF(command *cobra.Command, args []string) error { 96 a, err := InitDBCommandContextCobra(command) 97 if err != nil { 98 return err 99 } 100 defer a.Srv().Shutdown() 101 102 if len(args) < 1 { 103 return errors.New("Enter at least one user.") 104 } 105 106 users := getUsersFromUserArgs(a, args) 107 for i, user := range users { 108 if user == nil { 109 return errors.New("Unable to find user '" + args[i] + "'") 110 } 111 112 systemUser := false 113 var newRoles []string 114 115 roles := strings.Fields(user.Roles) 116 for _, role := range roles { 117 switch role { 118 case model.SYSTEM_ADMIN_ROLE_ID: 119 default: 120 if role == model.SYSTEM_USER_ROLE_ID { 121 systemUser = true 122 } 123 newRoles = append(newRoles, role) 124 } 125 } 126 127 if !systemUser { 128 newRoles = append(roles, model.SYSTEM_USER_ROLE_ID) 129 } 130 131 updatedUser, errUpdate := a.UpdateUserRoles(user.Id, strings.Join(newRoles, " "), true) 132 if errUpdate != nil { 133 return errUpdate 134 } 135 136 auditRec := a.MakeAuditRecord("makeMember", audit.Success) 137 auditRec.AddMeta("user", user) 138 auditRec.AddMeta("update", updatedUser) 139 a.LogAuditRec(auditRec, nil) 140 } 141 return nil 142 }