From 764c43c995fbb0167940047be521a68f50486163 Mon Sep 17 00:00:00 2001
From: stonezdj <stonezdj@gmail.com>
Date: Wed, 15 Aug 2018 15:12:13 +0800
Subject: [PATCH] If current user is in the group defined ldap_group_admin_dn,
 it doesn't have the harbor admin role. The current solution only fix the
 /api/users/currentuser, but for /api/users/:id it can display the real
 information. see issue #5620

Signed-off-by: stonezdj <stonezdj@gmail.com>
---
 src/ui/api/user.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ui/api/user.go b/src/ui/api/user.go
index 5c3ec1aac..60feda6fa 100644
--- a/src/ui/api/user.go
+++ b/src/ui/api/user.go
@@ -116,6 +116,9 @@ func (ua *UserAPI) Get() {
 			ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
 		}
 		u.Password = ""
+		if ua.userID == ua.currentUserID {
+			u.HasAdminRole = ua.SecurityCtx.IsSysAdmin()
+		}
 		ua.Data["json"] = u
 		ua.ServeJSON()
 		return