coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: hide invite-only networks from non-admin users in listing

Browse Source
This commit is contained in:
cory
2026-05-30 06:40:49 +00:00
parent 2aad17f5e0
commit 55f24ea9e5
4 changed files with 240 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gatehouse_app/api/v1/zerotier.py
+5 -1
View File
@@ -134,7 +134,11 @@ def list_networks(org_id):
return err
include_inactive = request.args.get("include_inactive", "false").lower() == "true"
networks = portal_network_service.list_networks(org_id, include_inactive=include_inactive)
networks = portal_network_service.list_networks(
org_id,
include_inactive=include_inactive,
user_id=g.current_user.id,
)
return api_response(
data={"networks": [n.to_dict() for n in networks], "count": len(networks)},
gatehouse_app/services/portal_network_service.py
+17 -1
View File
@@ -6,6 +6,7 @@ import re
from gatehouse_app.extensions import db
from gatehouse_app.models import PortalNetwork
from gatehouse_app.models.organization import Organization
from gatehouse_app.models.organization.organization_member import OrganizationMember
from gatehouse_app.models.user import User
from gatehouse_app.services.audit_service import AuditService
from gatehouse_app.services import zerotier_api_service as zt
@@ -178,14 +179,29 @@ def create_network(
def list_networks(
organization_id: str,
include_inactive: bool = False,
user_id: str | None = None,
) -> list[PortalNetwork]:
"""List portal networks for an organization."""
"""List portal networks for an organization.
Invite-only networks are hidden from non-admin users.
"""
q = PortalNetwork.query.filter(
PortalNetwork.organization_id == organization_id,
PortalNetwork.deleted_at.is_(None),
)
if not include_inactive:
q = q.filter(PortalNetwork.is_active.is_(True))
if user_id is not None:
membership = OrganizationMember.query.filter(
OrganizationMember.organization_id == organization_id,
OrganizationMember.user_id == user_id,
OrganizationMember.deleted_at.is_(None),
).first()
is_admin = membership.is_admin() if membership else False
if not is_admin:
q = q.filter(PortalNetwork.request_mode != NetworkRequestMode.INVITE_ONLY)
return q.all()