Skip to content
Snippets Groups Projects
Verified Commit bd27a38d authored by nd's avatar nd
Browse files

enforce access acls

parent 18474b9e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 0 deletions
uffd/session/views.py
+ 3
0
View file @ bd27a38d
...@@ -31,6 +31,9 @@ def login(): ...@@ -31,6 +31,9 @@ def login():
flash('Login name or password is wrong') flash('Login name or password is wrong')
return redirect(url_for('.login')) return redirect(url_for('.login'))
user = User.from_ldap(conn.entries[0]) user = User.from_ldap(conn.entries[0])
if not user.is_in_group(current_app.config['ACL_SELFSERVICE_GROUP']):
flash('You do not have access to this service')
return redirect(url_for('.login'))
session['user_uid'] = user.uid session['user_uid'] = user.uid
session['logintime'] = datetime.datetime.now().timestamp() session['logintime'] = datetime.datetime.now().timestamp()
return redirect(request.values.get('ref', url_for('index'))) return redirect(request.values.get('ref', url_for('index')))
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Impressum - Datenschutzerklärung