Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
6722938ae6 | ||
|
|
9f720388ef | ||
|
|
e7b3c48ff4 | ||
|
|
0dfd4d014d | ||
|
|
ce0dc976a8 |
@@ -1,3 +1,10 @@
|
|||||||
|
## [1.10.2](https://github.com/stonith404/pingvin-share/compare/v1.10.1...v1.10.2) (2025-03-07)
|
||||||
|
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* don't throw error if group claim is missing ([e7b3c48](https://github.com/stonith404/pingvin-share/commit/e7b3c48ff48bd7cfb206c32ea97862b757057573))
|
||||||
|
|
||||||
## [1.10.1](https://github.com/stonith404/pingvin-share/compare/v1.10.0...v1.10.1) (2025-02-28)
|
## [1.10.1](https://github.com/stonith404/pingvin-share/compare/v1.10.0...v1.10.1) (2025-02-28)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
1282
backend/package-lock.json
generated
1282
backend/package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "pingvin-share-backend",
|
"name": "pingvin-share-backend",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"build": "nest build",
|
"build": "nest build",
|
||||||
"dev": "cross-env NODE_ENV=development nest start --watch",
|
"dev": "cross-env NODE_ENV=development nest start --watch",
|
||||||
@@ -13,7 +13,7 @@
|
|||||||
"seed": "ts-node prisma/seed/config.seed.ts"
|
"seed": "ts-node prisma/seed/config.seed.ts"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@aws-sdk/client-s3": "^3.679.0",
|
"@aws-sdk/client-s3": "^3.758.0",
|
||||||
"@nestjs/cache-manager": "^2.2.2",
|
"@nestjs/cache-manager": "^2.2.2",
|
||||||
"@nestjs/common": "^10.4.3",
|
"@nestjs/common": "^10.4.3",
|
||||||
"@nestjs/config": "^3.2.3",
|
"@nestjs/config": "^3.2.3",
|
||||||
@@ -24,7 +24,7 @@
|
|||||||
"@nestjs/schedule": "^4.1.1",
|
"@nestjs/schedule": "^4.1.1",
|
||||||
"@nestjs/swagger": "^7.4.2",
|
"@nestjs/swagger": "^7.4.2",
|
||||||
"@nestjs/throttler": "^6.2.1",
|
"@nestjs/throttler": "^6.2.1",
|
||||||
"@prisma/client": "^5.19.1",
|
"@prisma/client": "^6.4.1",
|
||||||
"@types/jmespath": "^0.15.2",
|
"@types/jmespath": "^0.15.2",
|
||||||
"archiver": "^7.0.1",
|
"archiver": "^7.0.1",
|
||||||
"argon2": "^0.41.1",
|
"argon2": "^0.41.1",
|
||||||
@@ -79,7 +79,7 @@
|
|||||||
"eslint-plugin-prettier": "^5.2.1",
|
"eslint-plugin-prettier": "^5.2.1",
|
||||||
"newman": "^6.2.1",
|
"newman": "^6.2.1",
|
||||||
"prettier": "^3.3.3",
|
"prettier": "^3.3.3",
|
||||||
"prisma": "^5.19.1",
|
"prisma": "^6.4.1",
|
||||||
"source-map-support": "^0.5.21",
|
"source-map-support": "^0.5.21",
|
||||||
"ts-loader": "^9.5.1",
|
"ts-loader": "^9.5.1",
|
||||||
"tsconfig-paths": "4.2.0",
|
"tsconfig-paths": "4.2.0",
|
||||||
|
|||||||
@@ -147,38 +147,33 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
|
|||||||
|
|
||||||
if (roleConfig?.path) {
|
if (roleConfig?.path) {
|
||||||
// A path to read roles from the token is configured
|
// A path to read roles from the token is configured
|
||||||
let roles: string[] | null;
|
let roles: string[] = [];
|
||||||
try {
|
try {
|
||||||
roles = jmespath.search(idTokenData, roleConfig.path);
|
roles = jmespath.search(idTokenData, roleConfig.path);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
roles = null;
|
this.logger.warn(
|
||||||
}
|
|
||||||
if (Array.isArray(roles)) {
|
|
||||||
// Roles are found in the token
|
|
||||||
if (
|
|
||||||
roleConfig.generalAccess &&
|
|
||||||
!roles.includes(roleConfig.generalAccess)
|
|
||||||
) {
|
|
||||||
// Role for general access is configured and the user does not have it
|
|
||||||
this.logger.error(
|
|
||||||
`User roles ${roles} do not include ${roleConfig.generalAccess}`,
|
|
||||||
);
|
|
||||||
throw new ErrorPageException("user_not_allowed");
|
|
||||||
}
|
|
||||||
if (roleConfig.adminAccess) {
|
|
||||||
// Role for admin access is configured
|
|
||||||
isAdmin = roles.includes(roleConfig.adminAccess);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
this.logger.error(
|
|
||||||
`Roles not found at path ${roleConfig.path} in ID Token ${JSON.stringify(
|
`Roles not found at path ${roleConfig.path} in ID Token ${JSON.stringify(
|
||||||
idTokenData,
|
idTokenData,
|
||||||
undefined,
|
undefined,
|
||||||
2,
|
2,
|
||||||
)}`,
|
)}`,
|
||||||
);
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (
|
||||||
|
roleConfig.generalAccess &&
|
||||||
|
!roles.includes(roleConfig.generalAccess)
|
||||||
|
) {
|
||||||
|
// Role for general access is configured and the user does not have it
|
||||||
|
this.logger.error(
|
||||||
|
`User roles ${roles} do not include ${roleConfig.generalAccess}`,
|
||||||
|
);
|
||||||
throw new ErrorPageException("user_not_allowed");
|
throw new ErrorPageException("user_not_allowed");
|
||||||
}
|
}
|
||||||
|
if (roleConfig.adminAccess) {
|
||||||
|
// Role for admin access is configured
|
||||||
|
isAdmin = roles.includes(roleConfig.adminAccess);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!username) {
|
if (!username) {
|
||||||
|
|||||||
4
frontend/package-lock.json
generated
4
frontend/package-lock.json
generated
@@ -1,12 +1,12 @@
|
|||||||
{
|
{
|
||||||
"name": "pingvin-share-frontend",
|
"name": "pingvin-share-frontend",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"lockfileVersion": 2,
|
"lockfileVersion": 2,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "pingvin-share-frontend",
|
"name": "pingvin-share-frontend",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@emotion/react": "^11.13.3",
|
"@emotion/react": "^11.13.3",
|
||||||
"@emotion/server": "^11.11.0",
|
"@emotion/server": "^11.11.0",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "pingvin-share-frontend",
|
"name": "pingvin-share-frontend",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"dev": "next dev",
|
"dev": "next dev",
|
||||||
"build": "next build",
|
"build": "next build",
|
||||||
|
|||||||
@@ -506,7 +506,7 @@ export default {
|
|||||||
"admin.config.smtp.port.description": "Port of the SMTP server",
|
"admin.config.smtp.port.description": "Port of the SMTP server",
|
||||||
"admin.config.smtp.email": "Email",
|
"admin.config.smtp.email": "Email",
|
||||||
"admin.config.smtp.email.description":
|
"admin.config.smtp.email.description":
|
||||||
"Email address from wich the emails get sent",
|
"Email address from which the emails get sent",
|
||||||
"admin.config.smtp.username": "Username",
|
"admin.config.smtp.username": "Username",
|
||||||
"admin.config.smtp.username.description": "Username of the SMTP server",
|
"admin.config.smtp.username.description": "Username of the SMTP server",
|
||||||
"admin.config.smtp.password": "Password",
|
"admin.config.smtp.password": "Password",
|
||||||
|
|||||||
4
package-lock.json
generated
4
package-lock.json
generated
@@ -1,12 +1,12 @@
|
|||||||
{
|
{
|
||||||
"name": "pingvin-share",
|
"name": "pingvin-share",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"lockfileVersion": 3,
|
"lockfileVersion": 3,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "pingvin-share",
|
"name": "pingvin-share",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"conventional-changelog-cli": "^3.0.0"
|
"conventional-changelog-cli": "^3.0.0"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "pingvin-share",
|
"name": "pingvin-share",
|
||||||
"version": "1.10.1",
|
"version": "1.10.2",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"format": "cd frontend && npm run format && cd ../backend && npm run format",
|
"format": "cd frontend && npm run format && cd ../backend && npm run format",
|
||||||
"lint": "cd frontend && npm run lint && cd ../backend && npm run lint",
|
"lint": "cd frontend && npm run lint && cd ../backend && npm run lint",
|
||||||
|
|||||||
Reference in New Issue
Block a user