allow to edit profile to users logged in via OIDC

Fixes #942 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-06 22:30:56 +03:00 · 2022-08-01 19:41:18 +02:00
parent 9d2b5dc07d
commit 2a827544ef
4 changed files with 40 additions and 45 deletions
--- a/internal/httpd/oidc_test.go
+++ b/internal/httpd/oidc_test.go
@@ -484,7 +484,7 @@ func TestOIDCLoginLogout(t *testing.T) {
 	r.RequestURI = webClientProfilePath
 	r.Header.Set("Cookie", fmt.Sprintf("%v=%v", oidcCookieKey, tokenCookie))
 	server.router.ServeHTTP(rr, r)
-	assert.Equal(t, http.StatusForbidden, rr.Code)
+	assert.Equal(t, http.StatusOK, rr.Code)
 	// the user can access the allowed pages
 	rr = httptest.NewRecorder()
 	r, err = http.NewRequest(http.MethodGet, webClientFilesPath, nil)
--- a/internal/httpd/server.go
+++ b/internal/httpd/server.go
@@ -1454,10 +1454,9 @@ func (s *httpdServer) setupWebClientRoutes() {
 				Delete(webClientDirsPath, deleteUserDir)
 			router.With(s.checkSecondFactorRequirement, s.refreshCookie).
 				Get(webClientDownloadZipPath, s.handleWebClientDownloadZip)
-			router.With(s.checkSecondFactorRequirement, s.refreshCookie, s.requireBuiltinLogin).
+			router.With(s.checkSecondFactorRequirement, s.refreshCookie).Get(webClientProfilePath,
-				Get(webClientProfilePath, s.handleClientGetProfile)
+				s.handleClientGetProfile)
-			router.With(s.checkSecondFactorRequirement, s.requireBuiltinLogin).
+			router.With(s.checkSecondFactorRequirement).Post(webClientProfilePath, s.handleWebClientProfilePost)
 				Post(webClientProfilePath, s.handleWebClientProfilePost)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).
 				Get(webChangeClientPwdPath, s.handleWebClientChangePwd)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).
--- a/internal/httpd/webclient.go
+++ b/internal/httpd/webclient.go
@@ -94,25 +94,24 @@ func isZeroTime(t time.Time) bool {
 }
 type baseClientPage struct {
-	Title            string
+	Title        string
-	CurrentURL       string
+	CurrentURL   string
-	FilesURL         string
+	FilesURL     string
-	SharesURL        string
+	SharesURL    string
-	ShareURL         string
+	ShareURL     string
-	ProfileURL       string
+	ProfileURL   string
-	ChangePwdURL     string
+	ChangePwdURL string
-	StaticURL        string
+	StaticURL    string
-	LogoutURL        string
+	LogoutURL    string
-	MFAURL           string
+	MFAURL       string
-	MFATitle         string
+	MFATitle     string
-	FilesTitle       string
+	FilesTitle   string
-	SharesTitle      string
+	SharesTitle  string
-	ProfileTitle     string
+	ProfileTitle string
-	Version          string
+	Version      string
-	CSRFToken        string
+	CSRFToken    string
-	HasExternalLogin bool
+	LoggedUser   *dataprovider.User
-	LoggedUser       *dataprovider.User
+	Branding     UIBranding
 	Branding         UIBranding
 }
 type dirMapping struct {
@@ -351,25 +350,24 @@ func (s *httpdServer) getBaseClientPageData(title, currentURL string, r *http.Re
 	v := version.Get()
 	return baseClientPage{
-		Title:            title,
+		Title:        title,
-		CurrentURL:       currentURL,
+		CurrentURL:   currentURL,
-		FilesURL:         webClientFilesPath,
+		FilesURL:     webClientFilesPath,
-		SharesURL:        webClientSharesPath,
+		SharesURL:    webClientSharesPath,
-		ShareURL:         webClientSharePath,
+		ShareURL:     webClientSharePath,
-		ProfileURL:       webClientProfilePath,
+		ProfileURL:   webClientProfilePath,
-		ChangePwdURL:     webChangeClientPwdPath,
+		ChangePwdURL: webChangeClientPwdPath,
-		StaticURL:        webStaticFilesPath,
+		StaticURL:    webStaticFilesPath,
-		LogoutURL:        webClientLogoutPath,
+		LogoutURL:    webClientLogoutPath,
-		MFAURL:           webClientMFAPath,
+		MFAURL:       webClientMFAPath,
-		MFATitle:         pageClient2FATitle,
+		MFATitle:     pageClient2FATitle,
-		FilesTitle:       pageClientFilesTitle,
+		FilesTitle:   pageClientFilesTitle,
-		SharesTitle:      pageClientSharesTitle,
+		SharesTitle:  pageClientSharesTitle,
-		ProfileTitle:     pageClientProfileTitle,
+		ProfileTitle: pageClientProfileTitle,
-		Version:          fmt.Sprintf("%v-%v", v.Version, v.CommitHash),
+		Version:      fmt.Sprintf("%v-%v", v.Version, v.CommitHash),
-		CSRFToken:        csrfToken,
+		CSRFToken:    csrfToken,
-		HasExternalLogin: isLoggedInWithOIDC(r),
+		LoggedUser:   getUserFromToken(r),
-		LoggedUser:       getUserFromToken(r),
+		Branding:     s.binding.Branding.WebClient,
 		Branding:         s.binding.Branding.WebClient,
 	}
 }
--- a/templates/webclient/base.html
+++ b/templates/webclient/base.html
@@ -80,13 +80,11 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
                    <span>{{.SharesTitle}}</span></a>
            </li>
            {{end}}
            {{if not .HasExternalLogin}}
            <li class="nav-item {{if eq .CurrentURL .ProfileURL}}active{{end}}">
                <a class="nav-link" href="{{.ProfileURL}}">
                    <i class="fas fa-user"></i>
                    <span>{{.ProfileTitle}}</span></a>
            </li>
            {{end}}
            {{if .LoggedUser.CanManageMFA}}
            <li class="nav-item {{if eq .CurrentURL .MFAURL}}active{{end}}">
                <a class="nav-link" href="{{.MFAURL}}">