Added ability to set custom roles for users logging in via oauth provider (#985)

This commit is contained in:
Johannes Langer 2017-11-10 17:38:33 +01:00 committed by kevgliss
parent f990ef27cf
commit 041f3a22fa
1 changed files with 8 additions and 1 deletions

View File

@ -345,9 +345,16 @@ class OAuth2(Resource):
user = user_service.get_by_email(profile['email']) user = user_service.get_by_email(profile['email'])
metrics.send('successful_login', 'counter', 1) metrics.send('successful_login', 'counter', 1)
# update their google 'roles' # update with roles sent by identity provider
roles = [] roles = []
if 'roles' in profile:
for group in profile['roles']:
role = role_service.get_by_name(group)
if not role:
role = role_service.create(group, description='This is a group configured by identity provider')
roles.append(role)
role = role_service.get_by_name(profile['email']) role = role_service.get_by_name(profile['email'])
if not role: if not role:
role = role_service.create(profile['email'], description='This is a user specific role') role = role_service.create(profile['email'], description='This is a user specific role')