Skip to content
Snippets Groups Projects
Verified Commit f6480d80 authored by Maarten de Waard's avatar Maarten de Waard :angel:
Browse files

deny app access if role_id is 3 (no access)

parent a7c0b0a6
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 1 deletion
web/login/login.py
+ 2
1
View file @ f6480d80
......@@ -262,7 +262,8 @@ def consent():
.filter(AppRole.user_id == user.uuid)
.first()
)
if role_object is None or role_object.role_id is None:
# Role ID 3 is always "No access" due to migration b514cca2d47b
if role_object is None or role_object.role_id is None or role_object.role_id == 3:
# If there is no role in app_roles or the role_id for an app is null user has no permissions
current_app.logger.error(f"User has no access for: {app_obj.name}")
return redirect(
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment