mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2024-11-25 16:17:56 +01:00
Reverse visibility check to properly disclose machines
Machines that you have disclose on are always shown. Machines you *don't* have `disclose` on are *also* show *iff* you are using them.
This commit is contained in:
parent
069819bb9a
commit
cc2b43a9f2
@ -62,24 +62,33 @@ impl machines::Server for Machines {
|
|||||||
|
|
||||||
let mut filtered_v = Vec::with_capacity(v.len());
|
let mut filtered_v = Vec::with_capacity(v.len());
|
||||||
for (id, machine) in v.into_iter() {
|
for (id, machine) in v.into_iter() {
|
||||||
match machine.get_status().await {
|
// Check if the user has disclose. If yes, machines are always shown.
|
||||||
// Always show a machine if they're in use by myself
|
let required_disclose = &machine.desc.privs.disclose;
|
||||||
Status::InUse(ref bywho) =>
|
if session.as_ref().unwrap().perms.iter()
|
||||||
if bywho.is_some() && bywho.as_ref().filter(|bywho| *bywho == user).is_some()
|
.any(|rule| rule.match_perm(required_disclose))
|
||||||
{
|
{
|
||||||
|
filtered_v.push((id, machine));
|
||||||
|
} else {
|
||||||
|
// If no, match their state. Used & reserved machines are also shown
|
||||||
|
match machine.get_status().await {
|
||||||
|
// Always show a machine if they're in use by myself
|
||||||
|
Status::InUse(ref bywho) =>
|
||||||
|
if bywho.is_some() && bywho.as_ref().filter(|bywho| *bywho == user).is_some()
|
||||||
|
{
|
||||||
|
filtered_v.push((id, machine));
|
||||||
|
}
|
||||||
|
Status::Reserved(ref bywho) => if bywho == user {
|
||||||
filtered_v.push((id, machine));
|
filtered_v.push((id, machine));
|
||||||
}
|
}
|
||||||
Status::Reserved(ref bywho) => if bywho == user {
|
|
||||||
filtered_v.push((id, machine));
|
|
||||||
}
|
|
||||||
|
|
||||||
// The rest depends on the actual priviledges below
|
// The rest depends on the actual priviledges below
|
||||||
_ => {
|
_ => {
|
||||||
let required_disclose = &machine.desc.privs.disclose;
|
let required_disclose = &machine.desc.privs.disclose;
|
||||||
if session.as_ref().unwrap().perms.iter()
|
if session.as_ref().unwrap().perms.iter()
|
||||||
.any(|rule| rule.match_perm(required_disclose))
|
.any(|rule| rule.match_perm(required_disclose))
|
||||||
{
|
{
|
||||||
filtered_v.push((id, machine));
|
filtered_v.push((id, machine));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user