mirror of
https://github.com/Termix-SSH/Termix.git
synced 2026-07-15 04:43:36 +00:00
Merge pull request #764 from ZacharyZcR/feat/opkssh-host-sharing
feat: allow sharing opkssh-authenticated hosts
This commit is contained in:
@@ -128,10 +128,10 @@ router.post(
|
|||||||
return res.status(403).json({ error: "Not host owner" });
|
return res.status(403).json({ error: "Not host owner" });
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!host[0].credentialId) {
|
if (!host[0].credentialId && host[0].authType !== "opkssh") {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
error:
|
error:
|
||||||
"Only hosts using credentials can be shared. Please create a credential and assign it to this host before sharing.",
|
"Only hosts using credentials or OPKSSH can be shared. Please create a credential and assign it to this host before sharing.",
|
||||||
code: "CREDENTIAL_REQUIRED_FOR_SHARING",
|
code: "CREDENTIAL_REQUIRED_FOR_SHARING",
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@@ -203,23 +203,25 @@ router.post(
|
|||||||
.delete(sharedCredentials)
|
.delete(sharedCredentials)
|
||||||
.where(eq(sharedCredentials.hostAccessId, existing[0].id));
|
.where(eq(sharedCredentials.hostAccessId, existing[0].id));
|
||||||
|
|
||||||
const { SharedCredentialManager } =
|
if (host[0].credentialId) {
|
||||||
await import("../../utils/shared-credential-manager.js");
|
const { SharedCredentialManager } =
|
||||||
const sharedCredManager = SharedCredentialManager.getInstance();
|
await import("../../utils/shared-credential-manager.js");
|
||||||
if (targetType === "user") {
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
await sharedCredManager.createSharedCredentialForUser(
|
if (targetType === "user") {
|
||||||
existing[0].id,
|
await sharedCredManager.createSharedCredentialForUser(
|
||||||
host[0].credentialId,
|
existing[0].id,
|
||||||
targetUserId!,
|
host[0].credentialId,
|
||||||
userId,
|
targetUserId!,
|
||||||
);
|
userId,
|
||||||
} else {
|
);
|
||||||
await sharedCredManager.createSharedCredentialsForRole(
|
} else {
|
||||||
existing[0].id,
|
await sharedCredManager.createSharedCredentialsForRole(
|
||||||
host[0].credentialId,
|
existing[0].id,
|
||||||
targetRoleId!,
|
host[0].credentialId,
|
||||||
userId,
|
targetRoleId!,
|
||||||
);
|
userId,
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
databaseLogger.info("Permission granted", {
|
databaseLogger.info("Permission granted", {
|
||||||
operation: "rbac_permission_grant",
|
operation: "rbac_permission_grant",
|
||||||
@@ -249,20 +251,22 @@ router.post(
|
|||||||
await import("../../utils/shared-credential-manager.js");
|
await import("../../utils/shared-credential-manager.js");
|
||||||
const sharedCredManager = SharedCredentialManager.getInstance();
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
|
|
||||||
if (targetType === "user") {
|
if (host[0].credentialId) {
|
||||||
await sharedCredManager.createSharedCredentialForUser(
|
if (targetType === "user") {
|
||||||
result.lastInsertRowid as number,
|
await sharedCredManager.createSharedCredentialForUser(
|
||||||
host[0].credentialId,
|
result.lastInsertRowid as number,
|
||||||
targetUserId!,
|
host[0].credentialId,
|
||||||
userId,
|
targetUserId!,
|
||||||
);
|
userId,
|
||||||
} else {
|
);
|
||||||
await sharedCredManager.createSharedCredentialsForRole(
|
} else {
|
||||||
result.lastInsertRowid as number,
|
await sharedCredManager.createSharedCredentialsForRole(
|
||||||
host[0].credentialId,
|
result.lastInsertRowid as number,
|
||||||
targetRoleId!,
|
host[0].credentialId,
|
||||||
userId,
|
targetRoleId!,
|
||||||
);
|
userId,
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
databaseLogger.success("Host shared successfully", {
|
databaseLogger.success("Host shared successfully", {
|
||||||
operation: "rbac_host_share_success",
|
operation: "rbac_host_share_success",
|
||||||
|
|||||||
Reference in New Issue
Block a user