feat: assign users to teams via OIDC claims #1393
|
@ -94,8 +94,8 @@ type TeamUser struct {
|
|||
TeamID int64 `json:"-"`
|
||||
}
|
||||
|
||||
// TeamData is the relevant data for a team and is delivered by oidc token
|
||||
type TeamData struct {
|
||||
// OIDCTeamData is the relevant data for a team and is delivered by oidc token
|
||||
viehlieb marked this conversation as resolved
Outdated
|
||||
type OIDCTeamData struct {
|
||||
TeamName string
|
||||
OidcID string
|
||||
Description string
|
||||
|
|
|
@ -231,7 +231,7 @@ func HandleCallback(c echo.Context) error {
|
|||
return auth.NewUserAuthTokenResponse(u, c, false)
|
||||
}
|
||||
viehlieb marked this conversation as resolved
Outdated
konrad
commented
Replace with
Replace with
```
if len(teamData) < 1 {
return
}
viehlieb
commented
It could well be, that only a single team is received through the oidc token. It could well be, that only a single team is received through the oidc token.
konrad
commented
But I should have phrased it better, this is equivalent:
But `len(teamData) < 1` will only be true if there are 0 teams received?
I should have phrased it better, this is equivalent:
```
if len(teamData) == 0 {
return
}
```
viehlieb
commented
yes, that's true of course. i do not know why i read it differently. yes, that's true of course. i do not know why i read it differently.
|
||||
|
||||
viehlieb marked this conversation as resolved
Outdated
konrad
commented
This should be an This should be an `Error` log message.
|
||||
func AssignOrCreateUserToTeams(s *xorm.Session, u *user.User, teamData []models.TeamData) (oidcTeams []int64, err error) {
|
||||
func AssignOrCreateUserToTeams(s *xorm.Session, u *user.User, teamData []models.OIDCTeamData) (oidcTeams []int64, err error) {
|
||||
if len(teamData) > 0 {
|
||||
// check if we have seen these teams before.
|
||||
// find or create Teams and assign user as teammember.
|
||||
|
@ -277,8 +277,8 @@ func SignOutFromTeamsByID(s *xorm.Session, u *user.User, teamIDs []int64) (errs
|
|||
return errs
|
||||
}
|
||||
|
||||
func getTeamDataFromToken(groups []map[string]interface{}, provider *Provider) (teamData []models.TeamData, errs []error) {
|
||||
teamData = []models.TeamData{}
|
||||
func getTeamDataFromToken(groups []map[string]interface{}, provider *Provider) (teamData []models.OIDCTeamData, errs []error) {
|
||||
teamData = []models.OIDCTeamData{}
|
||||
errs = []error{}
|
||||
for _, team := range groups {
|
||||
var name string
|
||||
|
@ -307,12 +307,12 @@ func getTeamDataFromToken(groups []map[string]interface{}, provider *Provider) (
|
|||
errs = append(errs, &user.ErrOpenIDCustomScopeMalformed{})
|
||||
continue
|
||||
}
|
||||
teamData = append(teamData, models.TeamData{TeamName: name, OidcID: oidcID, Description: description})
|
||||
teamData = append(teamData, models.OIDCTeamData{TeamName: name, OidcID: oidcID, Description: description})
|
||||
}
|
||||
return teamData, errs
|
||||
}
|
||||
viehlieb marked this conversation as resolved
Outdated
konrad
commented
Please rename this to Please rename this to `team`.
konrad
commented
What's the advantage of this method over What's the advantage of this method over `team.Create`?
viehlieb
commented
i think it was cyclomatic complexity. i think it was cyclomatic complexity.
|
||||
|
||||
viehlieb marked this conversation as resolved
Outdated
konrad
commented
Please make this debug message more descriptive. Please make this debug message more descriptive.
|
||||
func CreateTeamWithData(s *xorm.Session, teamData models.TeamData, u *user.User) (team *models.Team, err error) {
|
||||
func CreateTeamWithData(s *xorm.Session, teamData models.OIDCTeamData, u *user.User) (team *models.Team, err error) {
|
||||
tea := &models.Team{
|
||||
Name: teamData.TeamName,
|
||||
Description: teamData.Description,
|
||||
|
@ -323,7 +323,7 @@ func CreateTeamWithData(s *xorm.Session, teamData models.TeamData, u *user.User)
|
|||
}
|
||||
|
||||
// this functions creates an array of existing teams that was generated from the oidc data.
|
||||
viehlieb marked this conversation as resolved
Outdated
konrad
commented
Which oidcID? In the Which oidcID? In the `teamData`? Isn't that always a string, due to the type system? Then the comment is redundant, please remove or clarify further.
|
||||
func GetOrCreateTeamsByOIDCAndNames(s *xorm.Session, teamData []models.TeamData, u *user.User) (te []*models.Team, err error) {
|
||||
func GetOrCreateTeamsByOIDCAndNames(s *xorm.Session, teamData []models.OIDCTeamData, u *user.User) (te []*models.Team, err error) {
|
||||
te = []*models.Team{}
|
||||
// Procedure can only be successful if oidcID is set and converted to string
|
||||
for _, oidcTeam := range teamData {
|
||||
|
|
Loading…
Reference in New Issue
Block a user
What is this used for? Please add a comment.
What's the difference to the
Team
struct?Intermediate struct which only holds TeamName and OidcId Description.
It does not exist as a Team yet or better: it is the data accessible via oidc, which the Team struct is compared against.
Okay, but isn't it missing the json tags then? I'm not sure if I understood you correctly herre.
If it's only used for oidc data the name should reflect that.
TeamData
is too generic.No, the teamData has to be pulled out of token via
getTeamDataFromToken
Called it OIDCTeamData now.