Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Coscine
backend
apis
STS
Commits
b78548c1
Commit
b78548c1
authored
Apr 26, 2022
by
Hanna Führ
Committed by
Benedikt Heinrichs
Apr 26, 2022
Browse files
Fix: Dealing correctly with entitlement
parent
8d54b786
Changes
2
Hide whitespace changes
Inline
Side-by-side
src/STS/Controllers/ShibbolethController.cs
View file @
b78548c1
...
...
@@ -94,9 +94,9 @@ namespace Coscine.Api.STS.Controllers
_rdfStoreConnector
.
RemoveMembershipData
(
userGraphName
,
organization
);
// Reverse lookup...
var
eduPersonScopedAffiliation
=
info
.
Principal
.
FindAll
(
ShibbolethAttributeMapping
.
LabelMapping
.
FirstOrDefault
(
x
=>
x
.
Value
==
"
Entitlement
"
).
Key
);
var
eduPersonScopedAffiliation
=
info
.
Principal
.
FindAll
(
ShibbolethAttributeMapping
.
LabelMapping
.
FirstOrDefault
(
x
=>
x
.
Value
==
"
ScopedAffiliation
"
).
Key
);
var
orgFromId
=
_rdfStoreConnector
.
GetOrgnizationWithIdentifier
(
identifier
);
if
(
eduPersonScopedAffiliation
.
Any
(
x
=>
x
.
Value
.
StartsWith
(
"employee@"
)))
if
(
eduPersonScopedAffiliation
.
Any
(
x
=>
x
.
Value
.
StartsWith
(
"employee@"
)
||
x
.
Value
.
StartsWith
(
"staff@"
)
))
{
// Add membership information.
_rdfStoreConnector
.
AddMemebershipData
(
userGraphName
,
organization
);
...
...
src/STS/Utils/ShibbolethAttributeMapping.cs
View file @
b78548c1
...
...
@@ -17,7 +17,7 @@ namespace Coscine.Api.STS.Utils
{
"urn:oid:2.5.4.4"
,
"Surname"
},
{
"urn:oid:1.3.6.1.4.1.5540.2.1.96"
,
"Givenname"
},
{
"urn:oid:0.9.2342.19200300.100.1.3"
,
"EmailAddress"
},
{
"urn:oid:1.3.6.1.4.1.5923.1.1.1.9"
,
"
Entitlement
"
},
{
"urn:oid:1.3.6.1.4.1.5923.1.1.1.9"
,
"
ScopedAffiliation
"
},
{
"urn:oid:2.5.4.10"
,
"Organization"
},
};
...
...
@@ -38,7 +38,7 @@ namespace Coscine.Api.STS.Utils
user
.
EmailAddress
=
(
string
)
value
;
break
;
case
"urn:oid:1.3.6.1.4.1.5923.1.1.1.9"
:
if
(
user
.
Entitlement
==
null
||
!
user
.
Entitlement
.
Contains
(
"employee"
))
if
(
user
.
Entitlement
==
null
||
!
(
user
.
Entitlement
.
Contains
(
"employee"
)
||
user
.
Entitlement
.
Contains
(
"staff"
))
)
{
user
.
Entitlement
=
(
string
)
value
;
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
