diff --git a/src/lib/middleware/no-authentication.ts b/src/lib/middleware/no-authentication.ts index 2696b09b86..3d7eaacc65 100644 --- a/src/lib/middleware/no-authentication.ts +++ b/src/lib/middleware/no-authentication.ts @@ -1,16 +1,12 @@ import { Application } from 'express'; -import { ADMIN } from '../types/permissions'; -import ApiUser from '../types/api-user'; +import NoAuthUser from '../types/no-auth-user'; function noneAuthentication(basePath = '', app: Application): void { app.use(`${basePath}/api/admin/`, (req, res, next) => { // @ts-ignore if (!req.user) { - // @ts-ignore - req.user = new ApiUser({ - username: 'unknown', - permissions: [ADMIN], - }); + // @ts-expect-error + req.user = new NoAuthUser(); } next(); }); diff --git a/src/lib/routes/admin-api/config.ts b/src/lib/routes/admin-api/config.ts index fbc4867d7e..16298da06a 100644 --- a/src/lib/routes/admin-api/config.ts +++ b/src/lib/routes/admin-api/config.ts @@ -1,6 +1,6 @@ import { Request, Response } from 'express'; import { IUnleashServices } from '../../types/services'; -import { IUnleashConfig } from '../../types/option'; +import { IAuthType, IUnleashConfig } from '../../types/option'; import version from '../../util/version'; import Controller from '../controller'; @@ -46,7 +46,9 @@ class ConfigController extends Controller { await this.settingService.get(simpleAuthKey); const versionInfo = this.versionService.getVersionInfo(); - const disablePasswordAuth = simpleAuthSettings?.disabled; + const disablePasswordAuth = + simpleAuthSettings?.disabled || + this.config.authentication.type == IAuthType.NONE; res.json({ ...config, versionInfo, disablePasswordAuth }); } } diff --git a/src/lib/routes/admin-api/user.ts b/src/lib/routes/admin-api/user.ts index ef98e01e53..c1104d869d 100644 --- a/src/lib/routes/admin-api/user.ts +++ b/src/lib/routes/admin-api/user.ts @@ -2,13 +2,13 @@ import { Response } from 'express'; import { IAuthRequest } from '../unleash-types'; import Controller from '../controller'; import { AccessService } from '../../services/access-service'; -import { IUnleashConfig } from '../../types/option'; +import { IAuthType, IUnleashConfig } from '../../types/option'; import { IUnleashServices } from '../../types/services'; import UserService from '../../services/user-service'; import SessionService from '../../services/session-service'; import UserFeedbackService from '../../services/user-feedback-service'; import UserSplashService from '../../services/user-splash-service'; -import { NONE } from '../../types/permissions'; +import { ADMIN, NONE } from '../../types/permissions'; interface IChangeUserRequest { password: string; @@ -58,9 +58,12 @@ class UserController extends Controller { async getUser(req: IAuthRequest, res: Response): Promise { res.setHeader('cache-control', 'no-store'); const { user } = req; - const permissions = await this.accessService.getPermissionsForUser( - user, - ); + let permissions; + if (this.config.authentication.type === IAuthType.NONE) { + permissions = [{ permission: ADMIN }]; + } else { + permissions = await this.accessService.getPermissionsForUser(user); + } const feedback = await this.userFeedbackService.getAllUserFeedback( user, ); diff --git a/src/lib/types/no-auth-user.ts b/src/lib/types/no-auth-user.ts new file mode 100644 index 0000000000..fbb65e8cde --- /dev/null +++ b/src/lib/types/no-auth-user.ts @@ -0,0 +1,22 @@ +import { ADMIN } from './permissions'; + +export default class NoAuthUser { + isAPI: boolean; + + username: string; + + id: number; + + permissions: string[]; + + constructor( + username: string = 'unknown', + id: number = -1, + permissions: string[] = [ADMIN], + ) { + this.isAPI = true; + this.username = username; + this.id = id; + this.permissions = permissions; + } +}