Changeset View
Changeset View
Standalone View
Standalone View
swh/web/auth/backends.py
Show All 38 Lines | user = OIDCUser( | ||||
last_name=decoded_token["family_name"], | last_name=decoded_token["family_name"], | ||||
email=decoded_token["email"], | email=decoded_token["email"], | ||||
) | ) | ||||
# set is_staff user property based on groups | # set is_staff user property based on groups | ||||
if "groups" in decoded_token: | if "groups" in decoded_token: | ||||
user.is_staff = "/staff" in decoded_token["groups"] | user.is_staff = "/staff" in decoded_token["groups"] | ||||
# extract user permissions if any | |||||
resource_access = decoded_token.get("resource_access", {}) | |||||
client_resource_access = resource_access.get(_oidc_client.client_id, {}) | |||||
user.permissions = set(client_resource_access.get("roles", [])) | |||||
# add user sub to custom User proxy model | # add user sub to custom User proxy model | ||||
user.sub = decoded_token["sub"] | user.sub = decoded_token["sub"] | ||||
return user | return user | ||||
def _oidc_user_from_profile(oidc_profile: Dict[str, Any]) -> OIDCUser: | def _oidc_user_from_profile(oidc_profile: Dict[str, Any]) -> OIDCUser: | ||||
▲ Show 20 Lines • Show All 91 Lines • Show Last 20 Lines |