devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

Added login user to get all allowed roles as param

Browse Source
This commit is contained in:
Pjort Kat
2022-11-07 17:33:13 +01:00
parent 4afd544c41
commit 1b659d24c0
1 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/resolvers/login.go
View File

@@ -86,12 +86,16 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
currentRoles := strings.Split(user.Roles, ",")
if len(params.Roles) > 0 {
if !validators.IsValidRoles(params.Roles, currentRoles) {
log.Debug("Invalid roles: ", params.Roles)
return res, fmt.Errorf(`invalid roles`)
}
if params.Roles[0] = "all_allowed_roles" {
roles = currentRoles
} else {
if !validators.IsValidRoles(params.Roles, currentRoles) {
log.Debug("Invalid roles: ", params.Roles)
return res, fmt.Errorf(`invalid roles`)
}
roles = params.Roles
roles = params.Roles
}
}
scope := []string{"openid", "email", "profile"}