mirror of
https://github.com/juanfont/headscale.git
synced 2024-12-02 03:33:05 +00:00
Compare commits
4 commits
bcb1dceb5b
...
21e8f87845
Author | SHA1 | Date | |
---|---|---|---|
|
21e8f87845 | ||
|
633297915a | ||
|
4ba319a0d3 | ||
|
b2ab5ac1ad |
3 changed files with 10 additions and 9 deletions
|
@ -990,7 +990,7 @@ func filterNodesByUser(nodes types.Nodes, users []types.User, userToken string)
|
|||
|
||||
var potentialUsers []types.User
|
||||
for _, user := range users {
|
||||
if user.ProviderIdentifier == userToken {
|
||||
if user.ProviderIdentifier.Valid && user.ProviderIdentifier.String == userToken {
|
||||
// If a user is matching with a known unique field,
|
||||
// disgard all other users and only keep the current
|
||||
// user.
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package policy
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"errors"
|
||||
"math/rand/v2"
|
||||
"net/netip"
|
||||
|
@ -873,7 +874,7 @@ func Test_filterNodesByUser(t *testing.T) {
|
|||
users := []types.User{
|
||||
{Model: gorm.Model{ID: 1}, Name: "marc"},
|
||||
{Model: gorm.Model{ID: 2}, Name: "joe", Email: "joe@headscale.net"},
|
||||
{Model: gorm.Model{ID: 3}, Name: "mikael", Email: "mikael@headscale.net", ProviderIdentifier: "http://oidc.org/1234"},
|
||||
{Model: gorm.Model{ID: 3}, Name: "mikael", Email: "mikael@headscale.net", ProviderIdentifier: sql.NullString{String: "http://oidc.org/1234", Valid: true}},
|
||||
{Model: gorm.Model{ID: 4}, Name: "mikael2", Email: "mikael@headscale.net"},
|
||||
{Model: gorm.Model{ID: 5}, Name: "mikael", Email: "mikael2@headscale.net"},
|
||||
{Model: gorm.Model{ID: 6}, Name: "http://oidc.org/1234", Email: "mikael@headscale.net"},
|
||||
|
|
|
@ -24,14 +24,14 @@ type User struct {
|
|||
|
||||
// Username for the user, is used if email is empty
|
||||
// Should not be used, please use Username().
|
||||
Name sql.NullString `gorm:"unique"`
|
||||
Name string `gorm:"unique"`
|
||||
|
||||
// Typically the full name of the user
|
||||
DisplayName string
|
||||
|
||||
// Email of the user
|
||||
// Should not be used, please use Username().
|
||||
Email sql.NullString
|
||||
Email string
|
||||
|
||||
// Unique identifier of the user from OIDC,
|
||||
// comes from `sub` claim in the OIDC token
|
||||
|
@ -53,7 +53,7 @@ type User struct {
|
|||
// should be used throughout headscale, in information returned to the
|
||||
// user and the Policy engine.
|
||||
func (u *User) Username() string {
|
||||
return cmp.Or(u.Email.String, u.Name.String, u.ProviderIdentifier.String, strconv.FormatUint(uint64(u.ID), 10))
|
||||
return cmp.Or(u.Email, u.Name, u.ProviderIdentifier.String, strconv.FormatUint(uint64(u.ID), 10))
|
||||
}
|
||||
|
||||
// DisplayNameOrUsername returns the DisplayName if it exists, otherwise
|
||||
|
@ -105,10 +105,10 @@ func (u *User) TailscaleUserProfile() tailcfg.UserProfile {
|
|||
func (u *User) Proto() *v1.User {
|
||||
return &v1.User{
|
||||
Id: strconv.FormatUint(uint64(u.ID), util.Base10),
|
||||
Name: u.Name.String,
|
||||
Name: u.Name,
|
||||
CreatedAt: timestamppb.New(u.CreatedAt),
|
||||
DisplayName: u.DisplayName,
|
||||
Email: u.Email.String,
|
||||
Email: u.Email,
|
||||
ProviderId: u.ProviderIdentifier.String,
|
||||
Provider: u.Provider,
|
||||
ProfilePicUrl: u.ProfilePicURL,
|
||||
|
@ -133,13 +133,13 @@ type OIDCClaims struct {
|
|||
func (u *User) FromClaim(claims *OIDCClaims) {
|
||||
err := util.CheckForFQDNRules(claims.Username)
|
||||
if err == nil {
|
||||
u.Name.String = claims.Username
|
||||
u.Name = claims.Username
|
||||
}
|
||||
|
||||
if claims.EmailVerified {
|
||||
_, err = mail.ParseAddress(claims.Email)
|
||||
if err == nil {
|
||||
u.Email.String = claims.Email
|
||||
u.Email = claims.Email
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue