Skip to content

Commit 0cd44b1

Browse files
tollsimytollsimy
committed
Allow admins to register other admins
1 parent 76b7989 commit 0cd44b1

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

src/handlers/session.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ func (h *SessionHandlers) Register(c *gin.Context) {
8080
c.JSON(http.StatusForbidden, gin.H{"error": "Superuser registration is not allowed"})
8181
return
8282
}
83-
// If registering as admin, you need to be a superuser
83+
// If registering as admin, you need to be a superuser or admin
8484
if *newUser.Role == api.UserRequestRoleAdmin {
8585
// Check if the current user is authenticated with superuser privileges
8686
_, role, err := auth.AuthenticationFunc(c.GetHeader("Authorization"))
@@ -89,7 +89,7 @@ func (h *SessionHandlers) Register(c *gin.Context) {
8989
return
9090
}
9191
// Check if the user has superuser privileges
92-
if role != "superuser" {
92+
if role != "superuser" && role != "admin" {
9393
c.JSON(http.StatusForbidden, gin.H{"error": "Superuser privileges required to register " + string(*newUser.Role) + " accounts"})
9494
return
9595
}

0 commit comments

Comments
 (0)