Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-22 06:39:44 +02:00
Code Issues Releases Activity

feat: Add ability to map OIDC attributes and ignore username
Some checks failed
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm/v7) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm64) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted x64], linux/amd64) (push) Has been cancelled
Details
Build and push Docker DEV image / merge (push) Has been cancelled
Details
Build and push Docker DEV image / rerun-failed-jobs (push) Has been cancelled
Details

Browse source 
Closes #554
This commit is contained in:
Maksim Eltyshev 2024-01-25 23:01:59 +01:00
parent 31d4d5f38d
commit 634d6ceab1
13 changed files with 112 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

21
server/api/controllers/users/update-username.js
View file

@ -53,11 +53,7 @@ module.exports = {
async fn(inputs) {
const { currentUser } = this.req;
if (inputs.id === currentUser.id) {
if (!inputs.currentPassword) {
throw Errors.INVALID_CURRENT_PASSWORD;
}
} else if (!currentUser.isAdmin) {
if (inputs.id !== currentUser.id && !currentUser.isAdmin) {
throw Errors.USER_NOT_FOUND; // Forbidden
}
@ -67,15 +63,18 @@ module.exports = {
throw Errors.USER_NOT_FOUND;
}
if (user.email === sails.config.custom.defaultAdminEmail || user.isSso) {
if (user.email === sails.config.custom.defaultAdminEmail) {
throw Errors.NOT_ENOUGH_RIGHTS;
}
if (
inputs.id === currentUser.id &&
!bcrypt.compareSync(inputs.currentPassword, user.password)
) {
throw Errors.INVALID_CURRENT_PASSWORD;
if (user.isSso) {
if (!sails.config.custom.oidcIgnoreUsername) {
throw Errors.NOT_ENOUGH_RIGHTS;
}
} else if (inputs.id === currentUser.id) {
if (!inputs.currentPassword || !bcrypt.compareSync(inputs.currentPassword, user.password)) {
throw Errors.INVALID_CURRENT_PASSWORD;
}
}
const values = _.pick(inputs, ['username']);