mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-04 10:03:42 +02:00
detect disabled user and show a appropriated error message
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This commit is contained in:
parent
32f9a87ba3
commit
4b8558522b
|
@ -29,6 +29,7 @@ if(OC::$CLI) {
|
|||
}
|
||||
|
||||
$urlGenerator = \OC::$server->getURLGenerator();
|
||||
$l = \OC::$server->getL10N('user_saml');
|
||||
$config = \OC::$server->getConfig();
|
||||
$request = \OC::$server->getRequest();
|
||||
$userSession = \OC::$server->getUserSession();
|
||||
|
@ -71,6 +72,22 @@ if($returnScript === true) {
|
|||
}
|
||||
|
||||
$redirectSituation = false;
|
||||
|
||||
$user = $userSession->getUser();
|
||||
if ($user !== null) {
|
||||
$enabled = $user->isEnabled();
|
||||
if ($enabled === false) {
|
||||
$targetUrl = $urlGenerator->linkToRouteAbsolute(
|
||||
'user_saml.SAML.genericError',
|
||||
[
|
||||
'message' => $l->t('This user account is disabled, please contact your administrator.')
|
||||
]
|
||||
);
|
||||
header('Location: '.$targetUrl);
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
// All requests that are not authenticated and match against the "/login" route are
|
||||
// redirected to the SAML login endpoint
|
||||
if(!$cli &&
|
||||
|
|
|
@ -48,5 +48,10 @@ return [
|
|||
'url' => '/saml/notProvisioned',
|
||||
'verb' => 'GET',
|
||||
],
|
||||
[
|
||||
'name' => 'SAML#genericError',
|
||||
'url' => '/saml/error',
|
||||
'verb' => 'GET',
|
||||
],
|
||||
],
|
||||
];
|
||||
|
|
|
@ -27,6 +27,7 @@ use OCA\User_SAML\UserBackend;
|
|||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\IConfig;
|
||||
use OCP\IL10N;
|
||||
use OCP\ILogger;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
|
@ -52,6 +53,8 @@ class SAMLController extends Controller {
|
|||
private $userManager;
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
/** @var IL10N */
|
||||
private $l;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
|
@ -64,6 +67,7 @@ class SAMLController extends Controller {
|
|||
* @param IURLGenerator $urlGenerator
|
||||
* @param IUserManager $userManager
|
||||
* @param ILogger $logger
|
||||
* @param IL10N $l
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
|
@ -74,7 +78,8 @@ class SAMLController extends Controller {
|
|||
IConfig $config,
|
||||
IURLGenerator $urlGenerator,
|
||||
IUserManager $userManager,
|
||||
ILogger $logger) {
|
||||
ILogger $logger,
|
||||
IL10N $l) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->session = $session;
|
||||
$this->userSession = $userSession;
|
||||
|
@ -84,6 +89,7 @@ class SAMLController extends Controller {
|
|||
$this->urlGenerator = $urlGenerator;
|
||||
$this->userManager = $userManager;
|
||||
$this->logger = $logger;
|
||||
$this->l = $l;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -288,4 +294,19 @@ class SAMLController extends Controller {
|
|||
public function notProvisioned() {
|
||||
return new Http\TemplateResponse($this->appName, 'notProvisioned', [], 'guest');
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @PublicPage
|
||||
* @NoCSRFRequired
|
||||
* @OnlyUnauthenticatedUsers
|
||||
* @param string $message
|
||||
* @return Http\TemplateResponse
|
||||
*/
|
||||
public function genericError($message) {
|
||||
if (empty($message)) {
|
||||
$message = $this->l->t('Unknown error, please check the log file for more details.');
|
||||
}
|
||||
return new Http\TemplateResponse($this->appName, 'error', ['message' => $message], 'guest');
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue