getRoleId: Fallback if no roleIDs in context

When reva is not used to mint the token, the roleIDs of the user are not
part of the token (and not in the request context). Fall back to querying
the settings service in that case.
Ralf Haferkamp
2022-03-29 17:46:16 +02:00
parent 4cbec0adab
commit 0836ec1d6c


@@ -459,9 +459,23 @@ func getValidatedAccountUUID(ctx context.Context, accountUUID string) string {
// getRoleIDs extracts the roleIDs of the authenticated user from the context.
func (g Service) getRoleIDs(ctx context.Context) []string {
var ownRoleIDs []string
if ownRoleIDs, ok := roles.ReadRoleIDsFromContext(ctx); ok {
return ownRoleIDs
}
if accountID, ok := metadata.Get(ctx, middleware.AccountID); ok {
assignments, err := g.manager.ListRoleAssignments(accountID)
if err != nil {
g.logger.Info().Err(err).Str("userid", accountID).Msg("failed to get roles for user")
return []string{}
}
for _, a := range assignments {
ownRoleIDs = append(ownRoleIDs, a.RoleId)
}
return ownRoleIDs
}
g.logger.Info().Msg("failed to get accountID from context")
return []string{}
}
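Review bot: The new fallback in getRoleIDs resolves roles for whatever account ID `metadata.Get(ctx, middleware.AccountID)` returns, so the authorization result now depends on that metadata value being set only after the token has been validated. This cannot be confirmed from the hunk and is worth stating in the doc comment, which is also stale now, e.g. `// getRoleIDs returns the roleIDs from the context, falling back to the settings service for the authenticated account ID.` Both failure paths return an empty list, which fails closed, but they log at Info, so a failing role lookup looks the same as a user without roles; `g.logger.Error().Err(err).Str("userid", accountID).Msg("failed to get roles for user")` would make it visible to monitoring. The `ownRoleIDs, ok :=` in the first `if` shadows the `var ownRoleIDs` declared above it, which is harmless here but easy to misread.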