devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

Added login user to get all allowed roles as param

Browse Source
This commit is contained in:
Pjort Kat 2022-11-07 17:33:13 +01:00
parent 4afd544c41
commit 1b659d24c0
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/resolvers/login.go
View File

@ -86,6 +86,9 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
currentRoles := strings.Split(user.Roles, ",") currentRoles := strings.Split(user.Roles, ",")
if len(params.Roles) > 0 { if len(params.Roles) > 0 {
if params.Roles[0] = "all_allowed_roles" {
roles = currentRoles
} else {
if !validators.IsValidRoles(params.Roles, currentRoles) { if !validators.IsValidRoles(params.Roles, currentRoles) {
log.Debug("Invalid roles: ", params.Roles) log.Debug("Invalid roles: ", params.Roles)
return res, fmt.Errorf(`invalid roles`) return res, fmt.Errorf(`invalid roles`)
@ -93,6 +96,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
roles = params.Roles roles = params.Roles
} }
}
scope := []string{"openid", "email", "profile"} scope := []string{"openid", "email", "profile"}
if params.Scope != nil && len(scope) > 0 { if params.Scope != nil && len(scope) > 0 {