fix: removing authSecret with SSO assignment
mistahj67 committed Nov 20, 2024
1 parent be537e2 commit e4456c6
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions cmd/api/src/api/v2/auth/auth.go
Expand Up @@ -528,7 +528,7 @@ func (s ManagementResource) UpdateUser(response http.ResponseWriter, request *ht
updateUserRequest v2.UpdateUserRequest
pathVars = mux.Vars(request)
rawUserID = pathVars[api.URIPathVariableUserID]
context = *ctx.FromRequest(request)
authCtx = *ctx.FromRequest(request)
)

if userID, err := uuid.FromString(rawUserID); err != nil {
Expand All @@ -550,7 +550,7 @@ func (s ManagementResource) UpdateUser(response http.ResponseWriter, request *ht
user.IsDisabled = updateUserRequest.IsDisabled

if user.IsDisabled {
if loggedInUser, _ := auth.GetUserFromAuthCtx(context.AuthCtx); user.ID == loggedInUser.ID {
if loggedInUser, _ := auth.GetUserFromAuthCtx(authCtx.AuthCtx); user.ID == loggedInUser.ID {
api.WriteErrorResponse(request.Context(), api.BuildErrorResponse(http.StatusBadRequest, api.ErrorResponseUserSelfDisable, request), response)
return
} else if userSessions, err := s.db.LookupActiveSessionsByUser(request.Context(), user); err != nil {
Expand All @@ -576,6 +576,7 @@ func (s ManagementResource) UpdateUser(response http.ResponseWriter, request *ht
return
} else {
// Ensure that the AuthSecret reference is nil and that the SAML provider is set
user.AuthSecret = nil // Required or the below updateUser will re-add the authSecret
user.SAMLProviderID = null.Int32From(samlProviderID)
user.SSOProviderID = provider.SSOProviderID
}
Expand All @@ -587,6 +588,7 @@ func (s ManagementResource) UpdateUser(response http.ResponseWriter, request *ht
api.HandleDatabaseError(request, response, err)
return
} else {
user.AuthSecret = nil // Required or the below updateUser will re-add the authSecret
user.SSOProviderID = updateUserRequest.SSOProviderID
if ssoProvider.Type == model.SessionAuthProviderSAML {
if ssoProvider.SAMLProvider != nil {
Expand All @@ -600,6 +602,7 @@ func (s ManagementResource) UpdateUser(response http.ResponseWriter, request *ht
} else {
// Default SAMLProviderID and SSOProviderID to null if the update request contains no SAMLProviderID and SSOProviderID
user.SAMLProvider = nil
user.SSOProvider = nil
user.SAMLProviderID = null.NewInt32(0, false)
user.SSOProviderID = null.NewInt32(0, false)
}
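Review bot: The self-disable guard on the renamed line still discards the second return value of `auth.GetUserFromAuthCtx(authCtx.AuthCtx)`, so a failed lookup presumably leaves `loggedInUser` as a zero value and the `user.ID == loggedInUser.ID` comparison silently passes. Since the line is being touched anyway, check the result first, e.g. `if loggedInUser, ok := auth.GetUserFromAuthCtx(authCtx.AuthCtx); !ok {` followed by an error response and return (this assumes the second value is a bool; its type is not visible here). Separately, `user.AuthSecret = nil` is now repeated in both provider branches, and the fix only holds if every path that assigns an SSO or SAML provider clears it. A test asserting that the user has no auth secret after such an update would catch a later branch that forgets, which would leave a password credential usable alongside SSO. UpdateUser starts and ends outside the visible hunks, so where the stored secret is actually deleted cannot be confirmed from this page.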