starred/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-12-17 17:23:25 +03:00
Code Issues 418 Packages Projects Releases 12 Wiki Activity

feat: Add ability to map OIDC attributes and ignore username

Browse Source 
Closes #554
This commit is contained in:
Maksim Eltyshev
2024-01-25 23:01:59 +01:00
parent 76a18d06d6
commit 0d39a7567f
13 changed files with 112 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
server/api/controllers/users/update-username.js
View File

@@ -53,11 +53,7 @@ module.exports = {
async fn(inputs) {
const { currentUser } = this.req;
if (inputs.id === currentUser.id) {
if (!inputs.currentPassword) {
throw Errors.INVALID_CURRENT_PASSWORD;
}
} else if (!currentUser.isAdmin) {
if (inputs.id !== currentUser.id && !currentUser.isAdmin) {
throw Errors.USER_NOT_FOUND; // Forbidden
}
@@ -67,15 +63,18 @@ module.exports = {
throw Errors.USER_NOT_FOUND;
}
if (user.email === sails.config.custom.defaultAdminEmail || user.isSso) {
if (user.email === sails.config.custom.defaultAdminEmail) {
throw Errors.NOT_ENOUGH_RIGHTS;
}
if (
inputs.id === currentUser.id &&
!bcrypt.compareSync(inputs.currentPassword, user.password)
) {
throw Errors.INVALID_CURRENT_PASSWORD;
if (user.isSso) {
if (!sails.config.custom.oidcIgnoreUsername) {
throw Errors.NOT_ENOUGH_RIGHTS;
}
} else if (inputs.id === currentUser.id) {
if (!inputs.currentPassword || !bcrypt.compareSync(inputs.currentPassword, user.password)) {
throw Errors.INVALID_CURRENT_PASSWORD;
}
}
const values = _.pick(inputs, ['username']);