Skip to content

Commit

Permalink
wip(auth): check authorization
Browse files Browse the repository at this point in the history 
- if denied returns false
- if allowed continues until en or false
- if no matches returns default

issue UPC#916
  • Loading branch information
@frankiejol
frankiejol committed Nov 13, 2018
1 parent 420bc45 commit 7a8ad2f
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions lib/Ravada/Auth/User.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -335,6 +335,29 @@ sub _load_allowed {
if ($ldap_entry && defined $ldap_entry->get_value($attribute)
&& $ldap_entry->get_value($attribute) eq $value ) {
$self->{_allowed}->{$id_domain} = $allowed;
$n_allowed++ if $allowed;
$n_denied++ if !$allowed;

if ( $value eq '*' ) {
$self->{_allowed}->{$id_domain} = $allowed
if !exists $self->{_allowed}->{$id_domain};
last;
} elsif ( $ldap_entry && defined $ldap_entry->get_value($attribute)
&& $ldap_entry->get_value($attribute) eq $value ) {

$self->{_allowed}->{$id_domain} = $allowed;

last if !$allowed;
}
}
$sth->finish;
next if defined $self->{_allowed}->{$id_domain};
if ($n_allowed && $n_denied) {
warn "WARNING: No default access attribute for domain $id_domain";
next;
}
if ($n_allowed && !$n_denied) {
$self->{_allowed}->{$id_domain} = 0;
} else {
$self->{_allowed}->{$id_domain} = 0;
}
Expand Down

0 comments on commit 7a8ad2f

Please sign in to comment.