feat(UAC): change default ownership to admininstrators (#2137)

* #960 feat(UAC): change ownership to admins for externally created ressources * feat(UAC): change ownership to admins for externally created resources Deprecated AdministratorsOnly js and go backend * #960 feat(UAC): remove AdministratorsOnly property and minor GUI fixes Update swagger definition changing AdministratorsOnly to Public * #960 feat(UAC): fix create resource with access control data * #960 feat(UAC): authorization of non-admin users for restricted operations On stacks, containers networks, services , tasks and volumes. * #960 feat(UAC): database migration to version 14 The administrator resources are deleted and Public resources are now managed by admins * #960 feat(UAC): small fixes from PR #2137 * #960 feat(UAC): improve the readability of the source code * feat(UAC) fix displayed ownership for Swarm related resources (#960)
2025-07-22 23:09:41 +02:00 · 2018-08-19 00:57:28 -05:00 · 2018-08-19 00:57:28 -05:00 · e1e263d8c8
commit e1e263d8c8
parent 31c2a6d9e7
30 changed files with 206 additions and 179 deletions
--- a/api/http/handler/resourcecontrols/resourcecontrol_create.go
+++ b/api/http/handler/resourcecontrols/resourcecontrol_create.go
@ -12,12 +12,12 @@ import (
 )

 type resourceControlCreatePayload struct {
-	ResourceID         string
-	Type               string
-	AdministratorsOnly bool
-	Users              []int
-	Teams              []int
-	SubResourceIDs     []string
+	ResourceID     string
+	Type           string
+	Public         bool
+	Users          []int
+	Teams          []int
+	SubResourceIDs []string
 }

 func (payload *resourceControlCreatePayload) Validate(r *http.Request) error {
@ -29,8 +29,8 @@ func (payload *resourceControlCreatePayload) Validate(r *http.Request) error {
 		return portainer.Error("Invalid type")
 	}

-	if len(payload.Users) == 0 && len(payload.Teams) == 0 && !payload.AdministratorsOnly {
-		return portainer.Error("Invalid resource control declaration. Must specify Users, Teams or AdministratorOnly")
+	if len(payload.Users) == 0 && len(payload.Teams) == 0 && !payload.Public {
+		return portainer.Error("Invalid resource control declaration. Must specify Users, Teams or Public")
 	}
 	return nil
 }
@ -90,12 +90,12 @@ func (handler *Handler) resourceControlCreate(w http.ResponseWriter, r *http.Req
 	}

 	resourceControl := portainer.ResourceControl{
-		ResourceID:         payload.ResourceID,
-		SubResourceIDs:     payload.SubResourceIDs,
-		Type:               resourceControlType,
-		AdministratorsOnly: payload.AdministratorsOnly,
-		UserAccesses:       userAccesses,
-		TeamAccesses:       teamAccesses,
+		ResourceID:     payload.ResourceID,
+		SubResourceIDs: payload.SubResourceIDs,
+		Type:           resourceControlType,
+		Public:         payload.Public,
+		UserAccesses:   userAccesses,
+		TeamAccesses:   teamAccesses,
 	}

 	securityContext, err := security.RetrieveRestrictedRequestContext(r)