devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

Added login user to get all allowed roles as param

Browse Source
This commit is contained in:
Pjort Kat
2022-11-07 17:33:13 +01:00
parent 4afd544c41
commit 1b659d24c0
1 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/resolvers/login.go
View File

@@ -86,12 +86,16 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
currentRoles := strings.Split(user.Roles, ",") currentRoles := strings.Split(user.Roles, ",")
if len(params.Roles) > 0 { if len(params.Roles) > 0 {
if !validators.IsValidRoles(params.Roles, currentRoles) { if params.Roles[0] = "all_allowed_roles" {
log.Debug("Invalid roles: ", params.Roles) roles = currentRoles
return res, fmt.Errorf(`invalid roles`) } else {
} if !validators.IsValidRoles(params.Roles, currentRoles) {
log.Debug("Invalid roles: ", params.Roles)
return res, fmt.Errorf(`invalid roles`)
}
roles = params.Roles roles = params.Roles
}
} }
scope := []string{"openid", "email", "profile"} scope := []string{"openid", "email", "profile"}