allow to edit profile to users logged in via OIDC

Fixes #942 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-06 22:30:56 +03:00 · 2022-08-01 19:41:18 +02:00
parent 9d2b5dc07d
commit 2a827544ef
4 changed files with 40 additions and 45 deletions
--- a/internal/httpd/oidc_test.go
+++ b/internal/httpd/oidc_test.go
@@ -484,7 +484,7 @@ func TestOIDCLoginLogout(t *testing.T) {
 	r.RequestURI = webClientProfilePath
 	r.Header.Set("Cookie", fmt.Sprintf("%v=%v", oidcCookieKey, tokenCookie))
 	server.router.ServeHTTP(rr, r)
-	assert.Equal(t, http.StatusForbidden, rr.Code)
+	assert.Equal(t, http.StatusOK, rr.Code)
 	// the user can access the allowed pages
 	rr = httptest.NewRecorder()
 	r, err = http.NewRequest(http.MethodGet, webClientFilesPath, nil)
--- a/internal/httpd/server.go
+++ b/internal/httpd/server.go
@@ -1454,10 +1454,9 @@ func (s *httpdServer) setupWebClientRoutes() {
 				Delete(webClientDirsPath, deleteUserDir)
 			router.With(s.checkSecondFactorRequirement, s.refreshCookie).
 				Get(webClientDownloadZipPath, s.handleWebClientDownloadZip)
-			router.With(s.checkSecondFactorRequirement, s.refreshCookie, s.requireBuiltinLogin).
-				Get(webClientProfilePath, s.handleClientGetProfile)
-			router.With(s.checkSecondFactorRequirement, s.requireBuiltinLogin).
-				Post(webClientProfilePath, s.handleWebClientProfilePost)
+			router.With(s.checkSecondFactorRequirement, s.refreshCookie).Get(webClientProfilePath,
+				s.handleClientGetProfile)
+			router.With(s.checkSecondFactorRequirement).Post(webClientProfilePath, s.handleWebClientProfilePost)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).
 				Get(webChangeClientPwdPath, s.handleWebClientChangePwd)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).
--- a/internal/httpd/webclient.go
+++ b/internal/httpd/webclient.go
@@ -110,7 +110,6 @@ type baseClientPage struct {
 	ProfileTitle string
 	Version      string
 	CSRFToken    string
-	HasExternalLogin bool
 	LoggedUser   *dataprovider.User
 	Branding     UIBranding
 }
@@ -367,7 +366,6 @@ func (s *httpdServer) getBaseClientPageData(title, currentURL string, r *http.Re
 		ProfileTitle: pageClientProfileTitle,
 		Version:      fmt.Sprintf("%v-%v", v.Version, v.CommitHash),
 		CSRFToken:    csrfToken,
-		HasExternalLogin: isLoggedInWithOIDC(r),
 		LoggedUser:   getUserFromToken(r),
 		Branding:     s.binding.Branding.WebClient,
 	}
--- a/templates/webclient/base.html
+++ b/templates/webclient/base.html
@@ -80,13 +80,11 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
                    <span>{{.SharesTitle}}</span></a>
            </li>
            {{end}}
-            {{if not .HasExternalLogin}}
            <li class="nav-item {{if eq .CurrentURL .ProfileURL}}active{{end}}">
                <a class="nav-link" href="{{.ProfileURL}}">
                    <i class="fas fa-user"></i>
                    <span>{{.ProfileTitle}}</span></a>
            </li>
-            {{end}}
            {{if .LoggedUser.CanManageMFA}}
            <li class="nav-item {{if eq .CurrentURL .MFAURL}}active{{end}}">
                <a class="nav-link" href="{{.MFAURL}}">