User access

access.lua

@@ -116,6 +116,15 @@ function is_logged_in ()
     return false
 end
 
+function has_access (user, url)
+    user = user or ngx.var.cookie_SSOwAuthUser
+    url = url or ngx.var.host..ngx.var.uri
+    for u, _ in pairs(conf["users"][user]) do
+        if string.starts(url, u) then return true end
+    end
+    return false
+end
+
 function authenticate (user, password)
     connected = lualdap.open_simple (
         "localhost",
@@ -187,11 +196,6 @@ function get_mails(user)
     return mails
 end
 
-function get_domains()
-    local domains = conf["domains"]
-    return domains
-end
-
 -- Yo dawg
 function serve(uri)
     rel_path = string.gsub(uri, conf["portal_path"], "/")
@@ -280,9 +284,14 @@ function get_data_for(view)
             cn        = cache:get(user.."-cn"),
             mail      = mails["mail"],
             mailalias = mails["mailalias"],
-            maildrop  = mails["maildrop"]
+            maildrop  = mails["maildrop"],
+            app = {}
         }
 
+        for url, name in pairs(conf["users"][user]) do
+            table.insert(data["app"], { url = url, name = name })
+        end
+
     elseif view == "password.html" then
 
         data = {
@@ -375,7 +384,7 @@ function do_edit ()
                          flash("fail", "Invalid mail address: "..mail)
                          return redirect(portal_url.."edit.html")
                      else
-                         local domains = get_domains()
+                         local domains = conf["domains"]
                          local domain_valid = false
                          for _, domain in ipairs(domains) do
                              if string.ends(mail, "@"..domain) then
@@ -637,6 +646,10 @@ end
 --
 
 if is_logged_in() then
+    if not has_access() then
+        ngx.status = 403
+        ngx.exit(403)
+    end
     set_headers()
     return pass()
 else

portal/info.html

@@ -1,6 +1,27 @@
 <div class="row">
     <div class="col-md-4 text-center">
-      <img src="assets/img/avatar.png">
+        <h3>My apps</h3>
+        <div class="visible-sm visible-xs" style="height: 20px"></div>
+    </div>
+    <div class="col-md-8">
+        <div class="row">
+        {{#app}}
+        <div class="col-sm-3 text-center" style="float: left; width: 130px; height: 130px">
+            <a style="font-size: 44px; padding: 15%;" class="btn btn-lg btn-primary btn-block" href="https://{{url}}" title="{{name}}">
+                <div style="font-family: 'monospace'; width:28px; margin-left: 21px; overflow: hidden">{{name}}</div>
+            </a>
+            <a href="https://{{url}}"><h6>{{name}}</h6></a>
+        </div>
+        {{/app}}
+        </div>
+    </div>
+</div>
+<hr>
+<div class="row">
+    <div class="col-md-4 text-center">
+        <h3>Profile</h3>
+        <div class="visible-sm visible-xs" style="height: 20px"></div>
+        <img src="assets/img/avatar.png">
     </div>
     <div class="visible-sm" style="height: 20px"></div>
     <div class="col-md-8">
@@ -34,10 +55,10 @@
 <hr>
 <div class="row">
     <div class="col-sm-6 text-center">
-        <a href="password.html" class="btn btn-lg btn-primary">Change password</a>
+        <a href="password.html" class="btn btn-lg btn-danger">Change password</a>
     </div>
     <div class="visible-xs" style="height: 20px"></div>
     <div class="col-sm-6 text-center">
-        <a href="edit.html" class="btn btn-lg btn-info">Edit</a>
+        <a href="edit.html" class="btn btn-lg btn-warning">Edit</a>
     </div>
 </div>