mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

bugfix: make getCreds work for non-admins (#396)

Browse source
This commit is contained in:
Stephan Renatus 2016-04-08 19:14:01 +02:00 committed by Eric Chiang
parent 70cb0546ce
commit ed89be44ef
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/user.go
View file

@ -88,7 +88,7 @@ type authedHandle func(w http.ResponseWriter, r *http.Request, ps httprouter.Par
// that of an admin user.
func (s *UserMgmtServer) authAPIHandle(handle authedHandle, requiresAdmin bool) httprouter.Handle {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
creds, err := s.getCreds(r)
creds, err := s.getCreds(r, requiresAdmin)
if err != nil {
s.writeError(w, err)
return
@ -243,7 +243,7 @@ func (s *UserMgmtServer) writeError(w http.ResponseWriter, err error) {
writeAPIError(w, http.StatusInternalServerError, newAPIError(errorServerError, err.Error()))
}
func (s *UserMgmtServer) getCreds(r *http.Request) (api.Creds, error) {
func (s *UserMgmtServer) getCreds(r *http.Request, requiresAdmin bool) (api.Creds, error) {
token, err := oidc.ExtractBearerToken(r)
if err != nil {
log.Errorf("userMgmtServer: GetCreds err: %q", err)
@ -300,7 +300,7 @@ func (s *UserMgmtServer) getCreds(r *http.Request) (api.Creds, error) {
log.Errorf("userMgmtServer: GetCreds err: %q", err)
return api.Creds{}, err
}
if !isAdmin {
if requiresAdmin && !isAdmin {
return api.Creds{}, api.ErrorForbidden
}