Skip to content

Commit

Permalink
feat: check for vidis role on login
Browse files Browse the repository at this point in the history
  • Loading branch information
@hejtful
hejtful committed Jul 19, 2024
1 parent 79d0377 commit 503de6b
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
3 changes: 3 additions & 0 deletions modules/kratos/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ kratos:
autoMigrate: true

config:
log:
leak_sensitive_values: true

dsn: ${dsn}

serve:
Expand Down
9 changes: 7 additions & 2 deletions modules/kratos/vidis_user_mapper.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,17 @@ local buildUsername = function()
then preferredUsername + '-' + enshortenUuid(uuid)
else enshortenUuid(uuid);

local checkIfIsTeacher = function()
local rawClaims = extractFromClaims('raw_claims');

if 'rolle' in rawClaims then rawClaims['rolle'] == 'LEHR' else false;

{
identity: {
identity: if checkIfIsTeacher() then {
traits: {
email: buildEmail(),
username: buildUsername(),
interest: 'other',
},
},
} else error std.format("ERR_BAD_ROLE"),
}

0 comments on commit 503de6b

Please sign in to comment.