Closed Ducarouge closed 9 months ago
Hi,
It seems that there is a bug on the user's groups to determine if he has the admin role.
When using qwc-oidc-auth or qwc-ldap-auth to login, the user's groups are defined in identity["groups"] and are not unique.
This PR proposes a fix to use the groups list defined in identity to determine if a user is admin.
Let me know if there is a case were identity["group"] is used and i will modify the fix to catch both cases.
Thanks.
Thanks !
Ducarouge
commented
9 months ago Ducarouge
commented
9 months ago
Hi,
It seems that there is a bug on the user's groups to determine if he has the admin role.
When using qwc-oidc-auth or qwc-ldap-auth to login, the user's groups are defined in identity["groups"] and are not unique.
This PR proposes a fix to use the groups list defined in identity to determine if a user is admin.
Let me know if there is a case were identity["group"] is used and i will modify the fix to catch both cases.
Thanks.