Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use the list of accounts on the token for authorization, not all those associated with the user #216

Closed
3 tasks done
kookster opened this issue Jan 6, 2017 · 2 comments
Closed
3 tasks done

Use the list of accounts on the token for authorization, not all those associated with the user #216

kookster opened this issue Jan 6, 2017 · 2 comments
Assignees
@gcampo88

Comments

@kookster
Copy link
Member

kookster commented Jan 6, 2017
edited by gcampo88
Loading

  • Get the list of accounts the token is authorized for from the aur hash/list in the token
  • Handle the different cases for how aur can express lists of accounts, I think the rack gem handles most of this: https://github.com/PRX/rack-prx_auth/blob/master/lib/rack/prx_auth/token_data.rb#L32
  • Use this list of account ids (any role) instead of querying memberships to determine accounts to use in the authorization controller
@kookster kookster changed the title for authorization, use the list of accounts on the token, not associated with the user Use the list of accounts on the token for authorization, not all those associated with the user Jan 12, 2017
@kookster kookster self-assigned this Jan 12, 2017
@kookster kookster assigned gcampo88 and unassigned kookster Jan 25, 2017
@kookster
Copy link
Member Author

I am behind on my other tix, so reassigning to @gcampo88

@gcampo88 gcampo88 mentioned this issue Jan 31, 2017
Merged
@gcampo88
Copy link
Contributor

handled in #240

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gcampo88 gcampo88

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kookster @gcampo88