feat(teamleader) EE-294 redesign team leader (#6973)

2025-07-23 15:29:42 +02:00 · 2022-06-03 16:44:42 +12:00 · 2022-06-03 16:44:42 +12:00 · 0522032515
commit 0522032515
parent bca1c6b9cf
29 changed files with 223 additions and 135 deletions
--- a/api/http/handler/users/user_create.go
+++ b/api/http/handler/users/user_create.go
@ -34,8 +34,7 @@ func (payload *userCreatePayload) Validate(r *http.Request) error {
 // @id UserCreate
 // @summary Create a new user
 // @description Create a new Portainer user.
-// @description Only team leaders and administrators can create users.
-// @description Only administrators can create an administrator user account.
+// @description Only administrators can create users.
 // @description **Access policy**: restricted
 // @tags users
 // @security ApiKeyAuth
@ -56,19 +55,6 @@ func (handler *Handler) userCreate(w http.ResponseWriter, r *http.Request) *http
 		return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
 	}

-	securityContext, err := security.RetrieveRestrictedRequestContext(r)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve info from request context", err}
-	}
-
-	if !securityContext.IsAdmin && !securityContext.IsTeamLeader {
-		return &httperror.HandlerError{http.StatusForbidden, "Permission denied to create user", httperrors.ErrResourceAccessDenied}
-	}
-
-	if securityContext.IsTeamLeader && payload.Role == 1 {
-		return &httperror.HandlerError{http.StatusForbidden, "Permission denied to create administrator user", httperrors.ErrResourceAccessDenied}
-	}
-
 	user, err := handler.DataStore.User().UserByUsername(payload.Username)
 	if err != nil && !handler.DataStore.IsErrObjectNotFound(err) {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve users from the database", err}