User access

2024-09-03 20:06:27 +02:00 · 2013-10-29 10:48:56 +00:00 · 2013-10-29 10:48:56 +00:00 · 4ee9f6df2a
commit 4ee9f6df2a
parent c881274512
2 changed files with 44 additions and 10 deletions
--- a/access.lua
+++ b/access.lua
@ -116,6 +116,15 @@ function is_logged_in ()
    return false
 end

+function has_access (user, url)
+    user = user or ngx.var.cookie_SSOwAuthUser
+    url = url or ngx.var.host..ngx.var.uri
+    for u, _ in pairs(conf["users"][user]) do
+        if string.starts(url, u) then return true end
+    end
+    return false
+end
+
 function authenticate (user, password)
    connected = lualdap.open_simple (
        "localhost",
@ -187,11 +196,6 @@ function get_mails(user)
    return mails
 end

-function get_domains()
-    local domains = conf["domains"]
-    return domains
-end
-
 -- Yo dawg
 function serve(uri)
    rel_path = string.gsub(uri, conf["portal_path"], "/")
@ -280,9 +284,14 @@ function get_data_for(view)
            cn        = cache:get(user.."-cn"),
            mail      = mails["mail"],
            mailalias = mails["mailalias"],
-            maildrop  = mails["maildrop"]
+            maildrop  = mails["maildrop"],
+            app = {}
        }

+        for url, name in pairs(conf["users"][user]) do
+            table.insert(data["app"], { url = url, name = name })
+        end
+
    elseif view == "password.html" then

        data = {
@ -375,7 +384,7 @@ function do_edit ()
                         flash("fail", "Invalid mail address: "..mail)
                         return redirect(portal_url.."edit.html")
                     else
-                         local domains = get_domains()
+                         local domains = conf["domains"]
                         local domain_valid = false
                         for _, domain in ipairs(domains) do
                             if string.ends(mail, "@"..domain) then
@ -637,6 +646,10 @@ end
 --

 if is_logged_in() then
+    if not has_access() then
+        ngx.status = 403
+        ngx.exit(403)
+    end
    set_headers()
    return pass()
 else
--- a/portal/info.html
+++ b/portal/info.html
@ -1,6 +1,27 @@
 <div class="row">
    <div class="col-md-4 text-center">
-      <img src="assets/img/avatar.png">
+        <h3>My apps</h3>
+        <div class="visible-sm visible-xs" style="height: 20px"></div>
+    </div>
+    <div class="col-md-8">
+        <div class="row">
+        {{#app}}
+        <div class="col-sm-3 text-center" style="float: left; width: 130px; height: 130px">
+            <a style="font-size: 44px; padding: 15%;" class="btn btn-lg btn-primary btn-block" href="https://{{url}}" title="{{name}}">
+                <div style="font-family: 'monospace'; width:28px; margin-left: 21px; overflow: hidden">{{name}}</div>
+            </a>
+            <a href="https://{{url}}"><h6>{{name}}</h6></a>
+        </div>
+        {{/app}}
+        </div>
+    </div>
+</div>
+<hr>
+<div class="row">
+    <div class="col-md-4 text-center">
+        <h3>Profile</h3>
+        <div class="visible-sm visible-xs" style="height: 20px"></div>
+        <img src="assets/img/avatar.png">
    </div>
    <div class="visible-sm" style="height: 20px"></div>
    <div class="col-md-8">
@ -34,10 +55,10 @@
 <hr>
 <div class="row">
    <div class="col-sm-6 text-center">
-        <a href="password.html" class="btn btn-lg btn-primary">Change password</a>
+        <a href="password.html" class="btn btn-lg btn-danger">Change password</a>
    </div>
    <div class="visible-xs" style="height: 20px"></div>
    <div class="col-sm-6 text-center">
-        <a href="edit.html" class="btn btn-lg btn-info">Edit</a>
+        <a href="edit.html" class="btn btn-lg btn-warning">Edit</a>
    </div>
 </div>