From 47845523a588bc991f7ada868b5d57a31755b023 Mon Sep 17 00:00:00 2001
From: Prabhat Khera <91852476+prabhat-org@users.noreply.github.com>
Date: Thu, 2 Nov 2023 16:08:22 +1300
Subject: [PATCH] fix(users): hide admin users for non admins from user list API [EE-6290] (#10579)
* hide admin users for non admins from user list API
* address review comments
---
 api/http/handler/users/user_list.go | 52 +++++++++++++----------------
 1 file changed, 24 insertions(+), 28 deletions(-)
diff --git a/api/http/handler/users/user_list.go b/api/http/handler/users/user_list.go
index edc529b14..2532ac7af 100644
--- a/api/http/handler/users/user_list.go
+++ b/api/http/handler/users/user_list.go
@@ -10,6 +10,13 @@ import (
 "github.com/portainer/portainer/api/http/security"
 )
+type User struct {
+ ID portainer.UserID `json:"Id" example:"1"`
+ Username string `json:"Username" example:"bob"`
+ // User role (1 for administrator account and 2 for regular account)
+ Role portainer.UserRole `json:"Role" example:"1"`
+}
+
 // @id UserList
 // @summary List users
 // @description List Portainer users.
@@ -41,16 +48,10 @@ func (handler *Handler) userList(w http.ResponseWriter, r *http.Request) *httper
 }
 availableUsers := security.FilterUsers(users, securityContext)
- for i := range availableUsers {
- hideFields(&availableUsers[i])
- }
 endpointID, _ := request.RetrieveNumericQueryParameter(r, "environmentId", true)
 if endpointID == 0 {
- if securityContext.IsAdmin {
- sanitizeUsers(users)
- }
- return response.JSON(w, users)
+ return response.JSON(w, sanitizeUsers(availableUsers))
 }
 // filter out users who do not have access to the specific endpoint
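Review bot: The new exported `User` type carries no doc comment, and because it is the wire shape of this API rather than the stored `portainer.User`, the reader needs that stated at the declaration; add `// User is the reduced, non-sensitive view of a portainer.User returned by the user list API: ID, Username and Role only.` above the struct. Projecting onto an explicit allow-list type is the right shape here, since any field later added to portainer.User stays out of the response by construction instead of depending on a scrub function being kept current. Only the first three swagger lines of userList are in the hunk, so I cannot see whether its `@success` annotation still names `[]portainer.User`; if so it should now say `[]User` so the generated docs match the response.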
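Review bot: The `endpointID == 0` branch now returns `sanitizeUsers(availableUsers)` where the removed lines returned the unfiltered `users`, so hiding administrators from non-admin callers rests entirely on `security.FilterUsers`, which is not part of this diff and I cannot confirm here. A regression test that calls the handler as a non-admin and asserts no returned entry has `Role == 1` would pin that behaviour against later changes to FilterUsers. The branch also no longer consults `securityContext.IsAdmin`, so admin clients now receive the reduced `User` shape instead of a scrubbed `portainer.User`; that looks intended but is a response change worth calling out in the release notes. userList's body begins and continues outside this hunk.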
@@ -64,14 +65,11 @@ func (handler *Handler) userList(w http.ResponseWriter, r *http.Request) *httper
 return httperror.InternalServerError("Unable to retrieve environment groups from the database", err)
 }
- canAccessEndpoint := make([]portainer.User, 0)
+ canAccessEndpoint := make([]User, 0)
 for _, user := range availableUsers {
 // the users who have the endpoint authorization
 if _, ok := user.EndpointAuthorizations[endpoint.ID]; ok {
- if securityContext.IsAdmin {
- sanitizeUser(&user)
- }
- canAccessEndpoint = append(canAccessEndpoint, user)
+ canAccessEndpoint = append(canAccessEndpoint, sanitizeUser(user))
 continue
 }
@@ -82,27 +80,25 @@ func (handler *Handler) userList(w http.ResponseWriter, r *http.Request) *httper
 }
 if security.AuthorizedEndpointAccess(endpoint, endpointGroup, user.ID, teamMemberships) {
- if securityContext.IsAdmin {
- sanitizeUser(&user)
- }
- canAccessEndpoint = append(canAccessEndpoint, user)
+ canAccessEndpoint = append(canAccessEndpoint, sanitizeUser(user))
 }
 }
 return response.JSON(w, canAccessEndpoint)
 }
-func sanitizeUser(user *portainer.User) {
- user.Password = ""
- user.EndpointAuthorizations = nil
- user.ThemeSettings = portainer.UserThemeSettings{}
- user.PortainerAuthorizations = nil
- user.UserTheme = ""
- user.TokenIssueAt = 0
-}
-
-func sanitizeUsers(users []portainer.User) {
- for i := range users {
- sanitizeUser(&users[i])
+func sanitizeUser(user portainer.User) User {
+ return User{
+ ID: user.ID,
+ Username: user.Username,
+ Role: user.Role,
 }
 }
+
+func sanitizeUsers(users []portainer.User) []User {
+ u := make([]User, len(users))
+ for i := range users {
+ u[i] = sanitizeUser(users[i])
+ }
+ return u
+}
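Review bot: `for _, user := range availableUsers` copies each `portainer.User` out of the slice and `sanitizeUser(user)` copies it again, where the removed code passed `&user`; iterating by index and passing a pointer, `for i := range availableUsers {` / `user := &availableUsers[i]` with `sanitizeUser` taking `*portainer.User`, avoids the double copy. `canAccessEndpoint := make([]User, 0)` can be sized `make([]User, 0, len(availableUsers))`, that being its upper bound since each user is appended at most once. Not visible in this hunk is whether the caller's own access to `endpoint` is checked where it is loaded above; if it is not, a non-admin could learn which users can reach an environment the caller cannot — please confirm. userList starts and ends outside this hunk.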
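Review bot: `sanitizeUser` and `sanitizeUsers` have no doc comments, and the name now under-describes them: they no longer scrub a record in place but project it onto the public `User` DTO, keeping only ID, Username and Role. Add `// sanitizeUser projects a stored user onto the public User DTO; password hash, authorizations, theme settings and token issue time are dropped by construction.` and `// sanitizeUsers maps sanitizeUser over users and always returns a non-nil slice, so an empty list encodes as [] rather than null.` The second claim holds because `make([]User, len(users))` is used even when `users` is nil. `sanitizeUser(user portainer.User)` now takes the whole record by value where the removed version took a pointer; `func sanitizeUser(user *portainer.User) User` avoids a struct copy at each of the three call sites.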