-
Notifications
You must be signed in to change notification settings - Fork 217
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
db/account: refactor checkRequiredSSO and use it to check, if modifyi…
…ng the email_address is allowed or if update_on_login is set, additionally prohibit changing first or last name
- Loading branch information
1 parent
c85f74a
commit 9e5bf97
Showing
14 changed files
with
95 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,18 +5,19 @@ | |
|
||
import { Strategy } from "@cocalc/util/types/sso"; | ||
|
||
/** | ||
* If the domain of a given email address belongs to an SSO strategy, | ||
* which is configured to be an "exclusive" domain, then return the Strategy. | ||
* This also matches subdomains, i.e. "[email protected]" is goverend by "baz.edu". | ||
*/ | ||
|
||
interface Opts { | ||
email: string | undefined; | ||
strategies: Strategy[] | undefined; | ||
specificStrategy?: string; | ||
} | ||
|
||
/** | ||
* If the domain of a given email address belongs to an SSO strategy, | ||
* which is configured to be an "exclusive" domain, then return the Strategy. | ||
* This also matches subdomains, i.e. "[email protected]" is goverend by "baz.edu". | ||
* | ||
* Optionally, if @specificStrategy is set, only that strategy is checked! | ||
*/ | ||
export function checkRequiredSSO(opts: Opts): Strategy | undefined { | ||
const { email, strategies, specificStrategy } = opts; | ||
// if the domain of email is contained in any of the strategie's exclusiveDomain array, return that strategy's name | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters