Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
535dde13ff
|
|||
|
63d102296f
|
|||
|
77d203b2b0
|
@@ -140,13 +140,13 @@ class OpenIDController extends Controller {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
||||
if ( !application ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
||||
next_destination: '/dash',
|
||||
})
|
||||
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
@@ -200,13 +200,13 @@ class OpenIDController extends Controller {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
||||
if ( !application ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
||||
next_destination: '/dash',
|
||||
})
|
||||
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
@@ -236,13 +236,13 @@ class OpenIDController extends Controller {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
const application = await Application.findOne({ openid_client_ids: params.client_id })
|
||||
if ( !application ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', 'this application'),
|
||||
next_destination: '/dash',
|
||||
})
|
||||
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
|
||||
@@ -8,7 +8,7 @@ const Oauth2Controller = require('flitter-auth/controllers/Oauth2')
|
||||
*/
|
||||
class Oauth2 extends Oauth2Controller {
|
||||
static get services() {
|
||||
return [...super.services, 'Vue', 'configs', 'models']
|
||||
return [...super.services, 'Vue', 'configs', 'models', 'output']
|
||||
}
|
||||
|
||||
async authorize_post(req, res, next) {
|
||||
@@ -23,13 +23,13 @@ class Oauth2 extends Oauth2Controller {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
const application = await Application.findOne({ oauth_client_ids: starship_client.id })
|
||||
if ( !application ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
})
|
||||
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
@@ -54,13 +54,13 @@ class Oauth2 extends Oauth2Controller {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
const application = await Application.findOne({ oauth_client_ids: starship_client.id })
|
||||
if ( !application ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
})
|
||||
} else if ( !(await Policy.check_user_access(req.user, application.id)) ) {
|
||||
this.output.warning('IAM Denial!')
|
||||
this.output.warn('IAM Denial!')
|
||||
return this.Vue.auth_message(res, {
|
||||
message: req.T('saml.no_access').replace('APP_NAME', application.name),
|
||||
next_destination: '/dash',
|
||||
|
||||
@@ -8,6 +8,7 @@ class PermissionMiddleware extends Middleware {
|
||||
async test(req, res, next, { check }) {
|
||||
const Policy = this.models.get('iam:Policy')
|
||||
|
||||
if ( !req.additional_api_log_data ) req.additional_api_log_data = {}
|
||||
req.additional_api_log_data.permission_check = check
|
||||
|
||||
// If the request was authorized using an OAuth2 bearer token,
|
||||
|
||||
Reference in New Issue
Block a user