mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow sign-in users without policy (#129)

Browse Source
This commit is contained in:
Lenin Alevski
2020-05-19 13:26:53 -07:00
committed by GitHub
parent 92a8aab07d
commit 35d575e7ac
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
restapi/user_login.go
View File

@@ -123,14 +123,15 @@ func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, error) {
log.Println("error login:", err)
return nil, errInvalidCredentials
}
policy, err := adminClient.getPolicy(ctx, userInfo.PolicyName)
if err != nil {
log.Println("error login:", err)
return nil, errInvalidCredentials
policy, _ := adminClient.getPolicy(ctx, userInfo.PolicyName)
// by default every user starts with an empty array of available actions
// therefore we would have access only to pages that doesn't require any privilege
// ie: service-account page
actions := []string{}
// if a policy is assigned to this user we parse the actions from there
if policy != nil {
actions = acl.GetActionsStringFromPolicy(policy)
}
actions := acl.GetActionsStringFromPolicy(policy)
sessionID, err := login(credentials, actions)
if err != nil {
return nil, err