|
|
|
@ -140,13 +140,13 @@ class OpenIDController extends Controller {
|
|
|
|
|
const Policy = this.models.get('iam:Policy')
|
|
|
|
|
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
|
|
|
|
if ( !application ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
|
})
|
|
|
|
|
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
@ -200,13 +200,13 @@ class OpenIDController extends Controller {
|
|
|
|
|
const Policy = this.models.get('iam:Policy')
|
|
|
|
|
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
|
|
|
|
if ( !application ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
|
})
|
|
|
|
|
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
@ -236,13 +236,13 @@ class OpenIDController extends Controller {
|
|
|
|
|
const Policy = this.models.get('iam:Policy')
|
|
|
|
|
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
|
|
|
|
if ( !application ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
|
})
|
|
|
|
|
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
|
|
|
|
this.output.warning('IAM Denial!')
|
|
|
|
|
this.output.warn('IAM Denial!')
|
|
|
|
|
return this.Vue.auth_message(res, {
|
|
|
|
|
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
|
|
|
|
next_destination: '/dash',
|
|
|
|
|