Changeset View
Changeset View
Standalone View
Standalone View
swh/web/auth/backends.py
| Show All 38 Lines | user = OIDCUser( | ||||
| last_name=decoded_token["family_name"], | last_name=decoded_token["family_name"], | ||||
| email=decoded_token["email"], | email=decoded_token["email"], | ||||
| ) | ) | ||||
| # set is_staff user property based on groups | # set is_staff user property based on groups | ||||
| if "groups" in decoded_token: | if "groups" in decoded_token: | ||||
| user.is_staff = "/staff" in decoded_token["groups"] | user.is_staff = "/staff" in decoded_token["groups"] | ||||
| # extract user permissions if any | |||||
| resource_access = decoded_token.get("resource_access", {}) | |||||
| client_resource_access = resource_access.get(_oidc_client.client_id, {}) | |||||
| user.permissions = set(client_resource_access.get("roles", [])) | |||||
| # add user sub to custom User proxy model | # add user sub to custom User proxy model | ||||
| user.sub = decoded_token["sub"] | user.sub = decoded_token["sub"] | ||||
| return user | return user | ||||
| def _oidc_user_from_profile(oidc_profile: Dict[str, Any]) -> OIDCUser: | def _oidc_user_from_profile(oidc_profile: Dict[str, Any]) -> OIDCUser: | ||||
| ▲ Show 20 Lines • Show All 91 Lines • Show Last 20 Lines | |||||