fix: support roles and permissions in /userinfo API

This commit is contained in:
Yang Luo 2024-03-10 12:34:56 +08:00
parent 9175e5b664
commit 6998451e97
2 changed files with 30 additions and 3 deletions


@ -459,7 +459,12 @@ func (c *ApiController) GetUserinfo() {
scope, aud := c.GetSessionOidc() scope, aud := c.GetSessionOidc()
host := c.Ctx.Request.Host host := c.Ctx.Request.Host
userInfo := object.GetUserInfo(user, scope, aud, host)
userInfo, err := object.GetUserInfo(user, scope, aud, host)
if err != nil {
c.ResponseError(err.Error())
return
}
c.Data["json"] = userInfo c.Data["json"] = userInfo
c.ServeJSON() c.ServeJSON()
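Review bot: The new error branch in GetUserinfo passes `err.Error()` straight to `c.ResponseError`, so whatever the role/permission lookup returns goes back verbatim to the caller of /userinfo. If that error originates in the storage layer (presumably it can, since the lookup loads roles and permissions), the response may carry internal detail such as query or table names. Consider recording the full error server-side and answering with a fixed message, e.g. `c.ResponseError("failed to load user info")`. The body of GetUserinfo starts before this hunk, so earlier error paths were not reviewed.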


@ -216,6 +216,8 @@ type Userinfo struct {
Address string `json:"address,omitempty"` Address string `json:"address,omitempty"`
Phone string `json:"phone,omitempty"` Phone string `json:"phone,omitempty"`
Groups []string `json:"groups,omitempty"` Groups []string `json:"groups,omitempty"`
Roles []string `json:"roles,omitempty"`
Permissions []string `json:"permissions,omitempty"`
} }
type ManagedAccount struct { type ManagedAccount struct {
@ -914,7 +916,7 @@ func DeleteUser(user *User) (bool, error) {
return affected != 0, nil return affected != 0, nil
} }
func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo { func GetUserInfo(user *User, scope string, aud string, host string) (*Userinfo, error) {
_, originBackend := getOriginFromHost(host) _, originBackend := getOriginFromHost(host)
resp := Userinfo{ resp := Userinfo{
@ -922,24 +924,44 @@ func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
Iss: originBackend, Iss: originBackend,
Aud: aud, Aud: aud,
} }
if strings.Contains(scope, "profile") { if strings.Contains(scope, "profile") {
resp.Name = user.Name resp.Name = user.Name
resp.DisplayName = user.DisplayName resp.DisplayName = user.DisplayName
resp.Avatar = user.Avatar resp.Avatar = user.Avatar
resp.Groups = user.Groups resp.Groups = user.Groups
err := ExtendUserWithRolesAndPermissions(user)
if err != nil {
return nil, err
}
resp.Roles = []string{}
for _, role := range user.Roles {
resp.Roles = append(resp.Roles, role.Name)
}
resp.Permissions = []string{}
for _, permission := range user.Permissions {
resp.Permissions = append(resp.Permissions, permission.Name)
}
} }
if strings.Contains(scope, "email") { if strings.Contains(scope, "email") {
resp.Email = user.Email resp.Email = user.Email
// resp.EmailVerified = user.EmailVerified // resp.EmailVerified = user.EmailVerified
resp.EmailVerified = true resp.EmailVerified = true
} }
if strings.Contains(scope, "address") { if strings.Contains(scope, "address") {
resp.Address = user.Location resp.Address = user.Location
} }
if strings.Contains(scope, "phone") { if strings.Contains(scope, "phone") {
resp.Phone = user.Phone resp.Phone = user.Phone
} }
return &resp
return &resp, nil
} }
func LinkUserAccount(user *User, field string, value string) (bool, error) { func LinkUserAccount(user *User, field string, value string) (bool, error) {
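Review bot: In GetUserInfo the role and permission names are filled in inside the `profile` branch, so every relying party that already holds the `profile` scope now receives the user's authorization data with no separate grant or consent. That branch is selected with `strings.Contains(scope, "profile")`, a substring test, so any scope value that merely contains that text also matches; an exact token match such as `slices.Contains(strings.Fields(scope), "profile")` would be tighter now that more sensitive fields depend on it. It is worth deciding whether these two claims should sit behind their own scope, and at minimum adding a comment like `// roles/permissions are authorization data released under "profile"; confirm every client with this scope should see them`. `ExtendUserWithRolesAndPermissions(user)` also appears to populate the caller's `*User` in place, and a failure there now fails the whole userinfo response, which the doc comment on GetUserInfo should state.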