Commit 86e3d068 authored by Alexis POYEN's avatar Alexis POYEN

Refactor : getting user ID, roles -> groups, get all data from OAuth2 User

parent 8932648c
......@@ -118,17 +118,17 @@ func AddUser(w http.ResponseWriter, req *http.Request) {
newUser.Password = ""
}
// Select the new id for the user
maxID := 1
newUser.ID = 1
for _, val := range users {
if maxID <= val.ID {
maxID = val.ID + 1
if newUser.ID <= val.ID {
newUser.ID = val.ID + 1
}
if newUser.Login == val.Login {
http.Error(w, "login already exists", 400)
return
}
}
newUser.ID = maxID
// Sauvegarder l'utilisateur dans InMemory
users = append(users, newUser)
sort.Sort(ByID(users))
err = common.Save(UsersFile, &users)
......
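Review bot: The new ID is still derived as the highest existing ID plus one inside the `for _, val := range users` loop, so an ID is handed out again once the user who held the highest ID has been removed. If anything keyed on the numeric ID outlives the account (a session cookie, token or ownership record, none of which is visible here), the new account would inherit it. The `append` / `common.Save(UsersFile, &users)` sequence also shows no lock in this hunk, so unless one is taken earlier in the function, two concurrent AddUser requests may pick the same ID or overwrite each other's save. I would serialise the load-assign-save path with a package-level `sync.Mutex` and persist a monotonically increasing counter instead of recomputing the ID from the current list. AddUser starts before and continues past the hunk, so an existing guard outside it cannot be ruled out.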
......@@ -29,15 +29,13 @@ type Manager struct {
// UserOAuth2 is the user get from OAuth2 authentification
type UserOAuth2 struct {
ID string `json:"id,omitempty"`
Login string `json:"login"`
DisplayName string `json:"displayName,omitempty"`
Roles []string `json:"memberOf"`
IsAdmin bool `json:"isAdmin,omitempty"`
Name string `json:"name,omitempty"`
Surname string `json:"surname,omitempty"`
PasswordHash string `json:"passwordHash,omitempty"`
Password string `json:"password,omitempty"`
ID string `json:"id,omitempty"`
Login string `json:"login"`
DisplayName string `json:"displayName,omitempty"`
Groups []string `json:"memberOf"`
IsAdmin bool `json:"isAdmin,omitempty"`
Name string `json:"name,omitempty"`
Surname string `json:"surname,omitempty"`
}
// NewManager returns a new Manager according to environment variables
......@@ -124,8 +122,8 @@ func (m Manager) HandleOAuth2Callback() http.Handler {
return
}
// Trim the user roles in case they come from LDAP
for key, role := range userOauth2.Roles {
userOauth2.Roles[key] = strings.TrimPrefix(strings.Split(role, ",")[0], "CN=")
for key, role := range userOauth2.Groups {
userOauth2.Groups[key] = strings.TrimPrefix(strings.Split(role, ",")[0], "CN=")
}
// Store the user in cookie
user, err := getUserInMemory(userOauth2)
......@@ -167,7 +165,7 @@ func getUserInMemory(userOAuth2 UserOAuth2) (User, error) {
func addUserInMemory(userOauth2 UserOAuth2) (User, error) {
var user User
// Define user role or refuse if not in a correct group
for _, userRole := range userOauth2.Roles {
for _, userRole := range userOauth2.Groups {
if userRole != "" && (userRole == os.Getenv("ADMIN_GROUP")) {
user.Role = "ADMIN"
} else if userRole != "" && (userRole == os.Getenv("CLIENT_GROUP")) {
......@@ -179,6 +177,8 @@ func addUserInMemory(userOauth2 UserOAuth2) (User, error) {
user.IDOAuth = userOauth2.ID
user.Login = userOauth2.Login
user.DisplayName = userOauth2.DisplayName
user.Name = userOauth2.Name
user.Surname = userOauth2.Surname
var users []User
err := common.Load(UsersFile, &users)
......
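Review bot: Group membership is reduced to the bare leading CN before it decides the role: in HandleOAuth2Callback the renamed loop keeps only `strings.TrimPrefix(strings.Split(role, ",")[0], "CN=")` of each `memberOf` entry, and addUserInMemory then sets `user.Role = "ADMIN"` when that name equals `os.Getenv("ADMIN_GROUP")`. The OU/DC part of the DN is discarded, so a group with the same CN elsewhere in the directory is indistinguishable from the intended one; splitting on `,` also mis-parses a DN with an escaped comma, and a lowercase `cn=` prefix is not trimmed. Either compare the full DN against the configured value or state the assumption at the loop, e.g. `// Only the leading CN is compared with ADMIN_GROUP/CLIENT_GROUP; group CNs must be unique in the directory`. The loop variable `role` and the comment `// Trim the user roles in case they come from LDAP` were left behind by the Roles -> Groups rename. Both functions extend beyond the hunks shown.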