mirror of
https://github.com/casdoor/casdoor.git
synced 2025-05-22 18:25:47 +08:00
fix: support roles and permissions in /userinfo API
This commit is contained in:
Yang Luo
parent
9175e5b664
commit
6998451e97
@ -459,7 +459,12 @@ func (c *ApiController) GetUserinfo() {
|
||||
|
||||
scope, aud := c.GetSessionOidc()
|
||||
host := c.Ctx.Request.Host
|
||||
userInfo := object.GetUserInfo(user, scope, aud, host)
|
||||
|
||||
userInfo, err := object.GetUserInfo(user, scope, aud, host)
|
||||
if err != nil {
|
||||
c.ResponseError(err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
c.Data["json"] = userInfo
|
||||
c.ServeJSON()
|
||||
|
||||
@ -216,6 +216,8 @@ type Userinfo struct {
|
||||
Address string `json:"address,omitempty"`
|
||||
Phone string `json:"phone,omitempty"`
|
||||
Groups []string `json:"groups,omitempty"`
|
||||
Roles []string `json:"roles,omitempty"`
|
||||
Permissions []string `json:"permissions,omitempty"`
|
||||
}
|
||||
|
||||
type ManagedAccount struct {
|
||||
@ -914,7 +916,7 @@ func DeleteUser(user *User) (bool, error) {
|
||||
return affected != 0, nil
|
||||
}
|
||||
|
||||
func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
|
||||
func GetUserInfo(user *User, scope string, aud string, host string) (*Userinfo, error) {
|
||||
_, originBackend := getOriginFromHost(host)
|
||||
|
||||
resp := Userinfo{
|
||||
@ -922,24 +924,44 @@ func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
|
||||
Iss: originBackend,
|
||||
Aud: aud,
|
||||
}
|
||||
|
||||
if strings.Contains(scope, "profile") {
|
||||
resp.Name = user.Name
|
||||
resp.DisplayName = user.DisplayName
|
||||
resp.Avatar = user.Avatar
|
||||
resp.Groups = user.Groups
|
||||
|
||||
err := ExtendUserWithRolesAndPermissions(user)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
resp.Roles = []string{}
|
||||
for _, role := range user.Roles {
|
||||
resp.Roles = append(resp.Roles, role.Name)
|
||||
}
|
||||
|
||||
resp.Permissions = []string{}
|
||||
for _, permission := range user.Permissions {
|
||||
resp.Permissions = append(resp.Permissions, permission.Name)
|
||||
}
|
||||
}
|
||||
|
||||
if strings.Contains(scope, "email") {
|
||||
resp.Email = user.Email
|
||||
// resp.EmailVerified = user.EmailVerified
|
||||
resp.EmailVerified = true
|
||||
}
|
||||
|
||||
if strings.Contains(scope, "address") {
|
||||
resp.Address = user.Location
|
||||
}
|
||||
|
||||
if strings.Contains(scope, "phone") {
|
||||
resp.Phone = user.Phone
|
||||
}
|
||||
return &resp
|
||||
|
||||
return &resp, nil
|
||||
}
|
||||
|
||||
func LinkUserAccount(user *User, field string, value string) (bool, error) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user