Auth: Add "node" and "portal" roles, refactor session entity #98

Signed-off-by: Michael Mayer <michael@photoprism.app>
2025-12-12 00:34:13 +01:00 · 2025-09-18 13:33:18 +02:00
parent 2a116cffb3
commit 887a39e7d9
42 changed files with 297 additions and 266 deletions
--- a/internal/api/config_settings.go
+++ b/internal/api/config_settings.go
@@ -72,9 +72,9 @@ func SaveSettings(router *gin.RouterGroup) {
 		var settings *customize.Settings

 		// Only super admins can change global config defaults.
-		if s.User().IsSuperAdmin() {
+		if s.GetUser().IsSuperAdmin() {
 			// Update global defaults and user preferences.
-			user := s.User()
+			user := s.GetUser()
 			settings = conf.Settings()

 			// Set values from request.
@@ -103,7 +103,7 @@ func SaveSettings(router *gin.RouterGroup) {
 			UpdateClientConfig()
 		} else {
 			// Update user preferences without changing global defaults.
-			user := s.User()
+			user := s.GetUser()

 			if user == nil {
 				AbortUnexpectedError(c)
@@ -119,7 +119,7 @@ func SaveSettings(router *gin.RouterGroup) {
 			}

 			// Update user preferences.
-			if acl.Rules.DenyAll(acl.ResourceSettings, s.UserRole(), acl.Permissions{acl.ActionUpdate, acl.ActionManage}) {
+			if acl.Rules.DenyAll(acl.ResourceSettings, s.GetUserRole(), acl.Permissions{acl.ActionUpdate, acl.ActionManage}) {
 				c.JSON(http.StatusOK, user.Settings().Apply(settings).ApplyTo(conf.Settings().ApplyACL(acl.Rules, user.AclRole())))
 				return
 			} else if err := user.Settings().Apply(settings).Save(); err != nil {