Skip to content

Commit

Permalink
Allow admin users to work without group claim
Browse files Browse the repository at this point in the history
  • Loading branch information
@sambles
sambles committed Sep 19, 2024
1 parent 8a0b1cb commit 59e39f5
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions src/server/oasisapi/oidc/keycloak_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,9 +158,13 @@ def update_groups(self, user, claims):
Persist Keycloak groups as local Django groups.
"""
keycloak_groups = claims.get('groups', None)

if keycloak_groups is None:
msg = 'No group found in claim / user_info'
raise SuspiciousOperation(msg)
if (user.is_superuser or user.is_staff):
keycloak_groups = []
else:
msg = 'No group found in claim / user_info'
raise SuspiciousOperation(msg)

for i, keycloak_group in enumerate(keycloak_groups):
if keycloak_group.startswith('/'):
Expand Down

0 comments on commit 59e39f5

Please sign in to comment.