work on openid to just start group workflow when teamData is available

viehlieb 2023-05-08 15:51:58 +02:00
parent 0b52a6b591
commit 3fdbd53b3e
1 changed files with 40 additions and 38 deletions


@ -200,23 +200,24 @@ func HandleCallback(c echo.Context) error {
// does the oidc token contain well formed "vikunja_groups" through vikunja_scope // does the oidc token contain well formed "vikunja_groups" through vikunja_scope
teamData, errs := getTeamDataFromToken(cl.VikunjaGroups, provider) teamData, errs := getTeamDataFromToken(cl.VikunjaGroups, provider)
for _, err := range errs { if teamData != nil {
log.Errorf("Error creating teams for user and vikunja groups %s: %v", cl.VikunjaGroups, err) for _, err := range errs {
} log.Errorf("Error creating teams for user and vikunja groups %s: %v", cl.VikunjaGroups, err)
}
//find old teams for user through oidc //find old teams for user through oidc
oldOidcTeams, err := models.FindAllOidcTeamIDsForUser(s, u.ID) oldOidcTeams, err := models.FindAllOidcTeamIDsForUser(s, u.ID)
if err != nil { if err != nil {
log.Errorf("No Oidc Teams found for user %v", err) log.Errorf("No Oidc Teams found for user %v", err)
} }
oidcTeams, err := AssignOrCreateUserToTeams(s, u, teamData) oidcTeams, err := AssignOrCreateUserToTeams(s, u, teamData)
if err != nil { if err != nil {
log.Errorf("Could not proceed with group routine %v", err) log.Errorf("Could not proceed with group routine %v", err)
} }
errs = RemoveUserFromTeamsByIds(s, u, utils.NotIn(oldOidcTeams, oidcTeams)) errs = RemoveUserFromTeamsByIds(s, u, utils.NotIn(oldOidcTeams, oidcTeams))
log.Errorf("%v", errs) for _, err := range errs {
for _, err := range errs { log.Errorf("Found Error while signing out from teams %v", err)
log.Errorf("Found Error while signing out from teams %v", err) }
} }
err = s.Commit() err = s.Commit()
if err != nil { if err != nil {
@ -229,29 +230,30 @@ func HandleCallback(c echo.Context) error {
} }
func AssignOrCreateUserToTeams(s *xorm.Session, u *user.User, teamData []models.OIDCTeamData) (oidcTeams []int64, err error) { func AssignOrCreateUserToTeams(s *xorm.Session, u *user.User, teamData []models.OIDCTeamData) (oidcTeams []int64, err error) {
if len(teamData) > 0 { if len(teamData) == 0 {
// check if we have seen these teams before. return
// find or create Teams and assign user as teammember. }
teams, err := GetOrCreateTeamsByOIDCAndNames(s, teamData, u) // check if we have seen these teams before.
if err != nil { // find or create Teams and assign user as teammember.
log.Errorf("Error verifying team for %v, got %v. Error: %v", u.Name, teams, err) teams, err := GetOrCreateTeamsByOIDCAndNames(s, teamData, u)
return nil, err if err != nil {
} log.Errorf("Error verifying team for %v, got %v. Error: %v", u.Name, teams, err)
for _, team := range teams { return nil, err
tm := models.TeamMember{TeamID: team.ID, UserID: u.ID, Username: u.Username} }
exists, _ := tm.CheckMembership(s) for _, team := range teams {
if !exists { tm := models.TeamMember{TeamID: team.ID, UserID: u.ID, Username: u.Username}
err = tm.Create(s, u) exists, _ := tm.CheckMembership(s)
if err != nil { if !exists {
log.Errorf("Could not assign %v to %v. %v", u.Username, team.Name, err) err = tm.Create(s, u)
} if err != nil {
log.Errorf("Could not assign %v to %v. %v", u.Username, team.Name, err)
} }
oidcTeams = append(oidcTeams, team.ID)
} }
oidcTeams = append(oidcTeams, team.ID)
} }
return oidcTeams, err return oidcTeams, err
} }
func RemoveUserFromTeamsByIds(s *xorm.Session, u *user.User, teamIDs []int64) (errs []error) { func RemoveUserFromTeamsByIds(s *xorm.Session, u *user.User, teamIDs []int64) (errs []error) {
errs = []error{} errs = []error{}
for _, teamID := range teamIDs { for _, teamID := range teamIDs {
@ -310,19 +312,19 @@ func getTeamDataFromToken(groups []map[string]interface{}, provider *Provider) (
} }
func CreateTeamWithData(s *xorm.Session, teamData models.OIDCTeamData, u *user.User) (team *models.Team, err error) { func CreateTeamWithData(s *xorm.Session, teamData models.OIDCTeamData, u *user.User) (team *models.Team, err error) {
tea := &models.Team{ team = &models.Team{
Name: teamData.TeamName, Name: teamData.TeamName,
Description: teamData.Description, Description: teamData.Description,
OidcID: teamData.OidcID, OidcID: teamData.OidcID,
} }
err = tea.Create(s, u) err = team.Create(s, u)
return tea, err return team, err
} }
// this functions creates an array of existing teams that was generated from the oidc data. // this functions creates an array of existing teams that was generated from the oidc data.
func GetOrCreateTeamsByOIDCAndNames(s *xorm.Session, teamData []models.OIDCTeamData, u *user.User) (te []*models.Team, err error) { func GetOrCreateTeamsByOIDCAndNames(s *xorm.Session, teamData []models.OIDCTeamData, u *user.User) (te []*models.Team, err error) {
te = []*models.Team{} te = []*models.Team{}
// Procedure can only be successful if oidcID is set and converted to string // Procedure can only be successful if oidcID is set
for _, oidcTeam := range teamData { for _, oidcTeam := range teamData {
team, err := models.GetTeamByOidcIDAndName(s, oidcTeam.OidcID, oidcTeam.TeamName) team, err := models.GetTeamByOidcIDAndName(s, oidcTeam.OidcID, oidcTeam.TeamName)
if err != nil { if err != nil {
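Review bot: With the new `if teamData != nil {` guard in HandleCallback, a login whose token yields no team data also skips `RemoveUserFromTeamsByIds`, so a user whose groups were withdrawn at the identity provider appears to keep every previously synced team; whether that happens depends on what getTeamDataFromToken returns for an absent or empty claim, which is not visible here. The same guard now hides the `errs` returned by getTeamDataFromToken whenever parsing produced nothing, so a malformed claim fails silently; I would keep the `for _, err := range errs { log.Errorf(...) }` loop above the guard. Inside the guard, a failure of AssignOrCreateUserToTeams leaves `oidcTeams` nil, and `utils.NotIn(oldOidcTeams, oidcTeams)` then presumably selects all old teams for removal before `s.Commit()`; returning or rolling back on that error would avoid stripping memberships on a transient failure. HandleCallback starts and ends outside the hunk.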