From 607f15495f8961ad270904c55ffe077623cdca62 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov
Date: Mon, 22 Dec 2025 10:46:25 +0100
Subject: dashboard/app: fix admin checks for dev_appserver

Admin checks broke at some point for local app runs (the auth domain is overriden only in tests). Restore proper checking for dev_appserver.
---
 dashboard/app/access.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'dashboard')

diff --git a/dashboard/app/access.go b/dashboard/app/access.go
index cab133dd6..11ddbcd70 100644
--- a/dashboard/app/access.go
+++ b/dashboard/app/access.go
@@ -10,6 +10,7 @@ import (
 "net/http"
 "strings"
 
+ "google.golang.org/appengine/v2"
 db "google.golang.org/appengine/v2/datastore"
 "google.golang.org/appengine/v2/log"
 "google.golang.org/appengine/v2/user"
@@ -79,14 +80,20 @@ func accessLevel(c context.Context, r *http.Request) AccessLevel {
 return al
 }
 
+const prodAuthDomain = "gmail.com"
+
 // trustedAuthDomain for the test environment is "".
-var trustedAuthDomain = "gmail.com"
+var trustedAuthDomain = prodAuthDomain
 
 // userAccessLevel returns authorization flag and AccessLevel.
 // (True, AccessAdmin) means authorized, Admin access.
 // Note - authorize higher levels first.
 func userAccessLevel(u *user.User, wantAccess string, config *GlobalConfig) (bool, AccessLevel) {
- if u == nil || u.AuthDomain != trustedAuthDomain {
+ domainOK := u != nil && (u.AuthDomain == trustedAuthDomain ||
+ // This supports local runs of dev_appserver.py where trustedAuthDomain
+ // is not overridden, but dev_appserver.py sets u.AuthDomain="".
+ appengine.IsDevAppServer() && trustedAuthDomain == prodAuthDomain)
+ if !domainOK {
 return false, AccessPublic
 }
 if u.Admin {
-- cgit mrf-deployment
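Review bot: The dev_appserver branch of `domainOK` in userAccessLevel accepts any `u.AuthDomain`, not only the empty one the added comment describes: once `appengine.IsDevAppServer()` is true and `trustedAuthDomain == prodAuthDomain`, the domain comparison is skipped entirely. Narrowing the fallback to the documented case keeps the exception as small as it needs to be: `appengine.IsDevAppServer() && trustedAuthDomain == prodAuthDomain && u.AuthDomain == "")`. The expression also relies on `&&` binding tighter than `||` across an interleaved comment, so explicit parentheses around the dev-server clause would make the intended grouping obvious in code that gates the `u.Admin` check. Because the authorization result now depends on IsDevAppServer() reporting false in production, a short comment stating that assumption would help the next reader. The body of userAccessLevel continues past the end of the hunk.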