Mercurial > gemma
diff pkg/auth/opendb.go @ 453:a7dc68d8e22f
Only let users in which are listed in users.list_users.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Wed, 22 Aug 2018 11:05:59 +0200 |
parents | 62c909dd3098 |
children | 685b886002b8 |
line wrap: on
line diff
--- a/pkg/auth/opendb.go Wed Aug 22 10:04:52 2018 +0200 +++ b/pkg/auth/opendb.go Wed Aug 22 11:05:59 2018 +0200 @@ -38,7 +38,8 @@ JOIN pg_auth_members m ON m.member = cte.oid ) SELECT rolname FROM pg_roles -WHERE oid IN (SELECT oid FROM cte) AND rolname <> current_user` +WHERE oid IN (SELECT oid FROM cte) AND rolname <> current_user +AND EXISTS (SELECT 1 FROM users.list_users WHERE username = current_user)` const InvalidRoleCharacters = `\"':;`