1
0
mirror of https://github.com/stonith404/pingvin-share.git synced 2024-11-15 11:50:34 +01:00

refactor: run formatter

This commit is contained in:
Elias Schneider 2024-07-30 08:39:22 +02:00
parent 3505669135
commit 93aacca9b4
No known key found for this signature in database
GPG Key ID: 07E623B294202B6C
3 changed files with 19 additions and 9 deletions

View File

@ -146,9 +146,14 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
} }
if (Array.isArray(roles)) { if (Array.isArray(roles)) {
// Roles are found in the token // Roles are found in the token
if (roleConfig.generalAccess && !roles.includes(roleConfig.generalAccess)) { if (
roleConfig.generalAccess &&
!roles.includes(roleConfig.generalAccess)
) {
// Role for general access is configured and the user does not have it // Role for general access is configured and the user does not have it
this.logger.error(`User roles ${roles} do not include ${roleConfig.generalAccess}`); this.logger.error(
`User roles ${roles} do not include ${roleConfig.generalAccess}`,
);
throw new ErrorPageException("user_not_allowed"); throw new ErrorPageException("user_not_allowed");
} }
if (roleConfig.adminAccess) { if (roleConfig.adminAccess) {

View File

@ -35,8 +35,10 @@ export class OidcProvider extends GenericOidcProvider {
): Promise<OAuthSignInDto> { ): Promise<OAuthSignInDto> {
const claim = this.config.get("oauth.oidc-usernameClaim") || undefined; const claim = this.config.get("oauth.oidc-usernameClaim") || undefined;
const rolePath = this.config.get("oauth.oidc-rolePath") || undefined; const rolePath = this.config.get("oauth.oidc-rolePath") || undefined;
const roleGeneralAccess = this.config.get("oauth.oidc-roleGeneralAccess") || undefined; const roleGeneralAccess =
const roleAdminAccess = this.config.get("oauth.oidc-roleAdminAccess") || undefined; this.config.get("oauth.oidc-roleGeneralAccess") || undefined;
const roleAdminAccess =
this.config.get("oauth.oidc-roleAdminAccess") || undefined;
return super.getUserInfo(token, query, claim, { return super.getUserInfo(token, query, claim, {
path: rolePath, path: rolePath,
generalAccess: roleGeneralAccess, generalAccess: roleGeneralAccess,

View File

@ -63,9 +63,12 @@ export class ShareSecurityGuard extends JwtGuard {
const user = request.user as User; const user = request.user as User;
// Only the creator and reverse share creator can access the reverse share if it's not public // Only the creator and reverse share creator can access the reverse share if it's not public
if (share.reverseShare && !share.reverseShare.publicAccess if (
&& share.creatorId !== user?.id share.reverseShare &&
&& share.reverseShare.creatorId !== user?.id) !share.reverseShare.publicAccess &&
share.creatorId !== user?.id &&
share.reverseShare.creatorId !== user?.id
)
throw new ForbiddenException( throw new ForbiddenException(
"Only reverse share creator can access this share", "Only reverse share creator can access this share",
"private_share", "private_share",