lib/puavo/authentication.rb in puavo_authentication-0.2.2 vs lib/puavo/authentication.rb in puavo_authentication-0.2.3
- old
+ new
@@ -180,10 +180,14 @@
def external_service?
dn.rdns[1]["ou"] == "System Accounts"
end
+ def server?
+ dn.rdns[1]["ou"] == "Servers"
+ end
+
def oauth_client_server?
dn.rdns.first.keys.first == "puavoOAuthClientId"
end
def oauth_access_token?
@@ -220,9 +224,15 @@
# Authorize organisation owners
organisation = LdapOrganisation.first
if organisation && organisation.owner && organisation.owner.include?(dn)
logger.info "Authorization ok: Organisation owner #{ dn }"
+ return @authorized = true
+ end
+
+ # Authorize servers
+ if server?
+ logger.info "Authorization ok: Server #{ dn }"
return @authorized = true
end
raise AuthorizationFailed, "Unauthorized access for #{ dn }"
end