dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

fix: owner should not be marked as shared when host is shared to their role #492

Merged
ZacharyZcR merged 1 commits from fix/admin-share-permission into dev-1.10.1 2026-01-12 07:29:24 +00:00
Conversation 0 Commits 1 Files Changed 1 +4 -3
ZacharyZcR commented 2026-01-11 14:33:11 +00:00 (Migrated from github.com)
Copy Link

Summary

  • Fix isShared flag logic to exclude host owners
  • Owner retains full edit/delete permissions even when host is shared to their role

Root cause: The SQL query hostAccess.id IS NOT NULL marked hosts as "shared" whenever a hostAccess record existed, without checking if the current user is the owner.

Scenario:

  1. Admin creates a host (owner)
  2. Admin shares host to "Administrator" role
  3. Admin is in "Administrator" role
  4. hostAccess record exists → isShared = true
  5. Frontend hides edit/delete buttons for shared hosts
  6. Admin loses ability to modify their own host

Fix: Add owner check to SQL: hostAccess.id IS NOT NULL AND sshData.userId != userId

Related to #391

## Summary - Fix `isShared` flag logic to exclude host owners - Owner retains full edit/delete permissions even when host is shared to their role **Root cause**: The SQL query `hostAccess.id IS NOT NULL` marked hosts as "shared" whenever a hostAccess record existed, without checking if the current user is the owner. **Scenario**: 1. Admin creates a host (owner) 2. Admin shares host to "Administrator" role 3. Admin is in "Administrator" role 4. `hostAccess` record exists → `isShared = true` 5. Frontend hides edit/delete buttons for shared hosts 6. Admin loses ability to modify their own host **Fix**: Add owner check to SQL: `hostAccess.id IS NOT NULL AND sshData.userId != userId` Related to #391
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
bug
Something isn't working
 dependencies
Pull requests that update a dependency file
 docker
Pull requests that update docker code
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 github_actions
Pull requests that update GitHub Actions code
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 javascript
Pull requests that update javascript code
 question
Further information is requested
 security
Questions about network security
 wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
dennii
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dennii/Termix#492
Delete Branch "fix/admin-share-permission"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?