Skip to content

Commit

Permalink
contrib: minor Cern plugin fix
Browse files Browse the repository at this point in the history 
 * FIX Fixes an issue where `g.identity.provides` was populated with only the
 	 Cern groups. As access rights can be assigned to single users(i.e. emails),
 	 the user's e-mail must also be included in the `g.identity.provides`.
  • Loading branch information
@omelkonian
omelkonian committed Jun 23, 2016
1 parent a1779d8 commit c017c59
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions invenio_oauthclient/contrib/cern.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@
import re

from flask import current_app, session
from flask_principal import RoleNeed, identity_loaded
from flask_principal import UserNeed, RoleNeed, identity_loaded

from invenio_oauthclient.utils import oauth_link_external_id
from invenio_db import db
Expand Down Expand Up @@ -236,7 +236,8 @@ def account_setup(remote, token, resp):
oauth_link_external_id(user, dict(id=external_id, method="cern"))

groups = fetch_groups(res['Group'])
session['identity.cern_provides'] = [RoleNeed(group) for group in groups]
provides = [UserNeed(user.email)] + [RoleNeed(group) for group in groups]
session['identity.cern_provides'] = provides


@identity_loaded.connect
Expand Down

0 comments on commit c017c59

Please sign in to comment.