#1731 Fix managePlatform permission

TheHive-Project · Mar 4, 2021 · cc49281 · cc49281
1 parent 0a45b8f
commit cc49281
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 3 deletions.
diff --git a/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
@@ -71,12 +71,15 @@ class UserCtrl @Inject() (
           .current
           .richUserWithCustomRenderer(request.organisation, _.organisationWithRole)
           .getOrFail("User")
-          .map(user =>
+          .map { user =>
+            val scope =
+              if (user._1.organisation == Organisation.administration.name) "admin"
+              else "organisation"
             Results
               .Ok(user.toJson)
               .withHeaders("X-Organisation" -> request.organisation.toString)
-              .withHeaders("X-Permissions" -> user._1.permissions.mkString(","))
-          )
+              .withHeaders("X-Permissions" -> (Permissions.forScope(scope) & user._1.permissions).mkString(","))
+          }
           .recover { case _ => Results.Unauthorized.withHeaders("X-Logout" -> "1") }
       }
 

diff --git a/thehive/app/org/thp/thehive/models/Permissions.scala b/thehive/app/org/thp/thehive/models/Permissions.scala
@@ -42,6 +42,7 @@ object Permissions extends Perms {
       manageOrganisation,
       managePage,
       managePattern,
+      managePlatform,
       manageProcedure,
       manageProfile,
       manageShare,