jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Make intersectScopes take an array

Browse Source
This commit is contained in:
Girish Ramakrishnan
2018-06-17 22:38:14 -07:00
parent 1015b0ad9c
commit 6a2dacb08a
3 changed files with 13 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/routes/accesscontrol.js
View File

@@ -107,11 +107,11 @@ function accessTokenAuth(accessToken, callback) {
// scopes here can define what capabilities that token carries
// passport put the 'info' object into req.authInfo, where we can further validate the scopes
const userScope = user.groupIds.indexOf(constants.ADMIN_GROUP_ID) !== -1 ? '*' : 'profile';
var scope = accesscontrol.intersectScope(userScope, token.scope).split(',');
const userScopes = user.groupIds.indexOf(constants.ADMIN_GROUP_ID) !== -1 ? accesscontrol.VALID_SCOPES : [ 'profile' ];
var authorizedScopes = accesscontrol.intersectScopes(userScopes, token.scope.split(','));
// these clients do not require password checks unlike UI
const skipPasswordVerification = token.clientId === 'cid-sdk' || token.clientId === 'cid-cli';
var info = { authorizedScopes: scope, skipPasswordVerification: skipPasswordVerification };
var info = { authorizedScopes: authorizedScopes, skipPasswordVerification: skipPasswordVerification };
callback(null, user, info);
});