Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit 22872a1

Browse files
tauceti2tauceti2
committed
Unauthorized when SP is not registered or there are no groups.
- If the SP is not registered in Perun as a facility with proper resource or - If there are no groups assigned to the resource then show unauthorized - fixed log levels for some of the messages
1 parent 43b874a commit 22872a1

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

lib/Auth/Process/PerunIdentity.php

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -120,11 +120,11 @@ public function process(&$request)
120120
$spGroups = $this->adapter->getSpGroups($spEntityId, $vo);
121121

122122
if (empty($spGroups)) {
123-
throw new SimpleSAML_Error_Exception(
124-
'No Perun groups in VO '.$vo->getName().'are assigned with SP entityID '.$spEntityId.'. ' .
125-
'Hint1: create facility in Perun with attribute entityID of your SP. ' .
126-
'Hint2: assign groups in VO '.$vo->getName().' to resource of the facility in Perun. '
123+
SimpleSAML_Logger::warning('No Perun groups in VO '.$vo->getName().'are assigned with SP entityID '.$spEntityId.'. ' .
124+
'Hint1: create facility in Perun with attribute entityID of your SP. ' .
125+
'Hint2: assign groups in VO '.$vo->getName().' to resource of the facility in Perun.'
127126
);
127+
$this->unauthorized($request);
128128
}
129129

130130
SimpleSAML_Logger::debug("SP GROUPs - ".var_export($spGroups, true));
@@ -139,13 +139,13 @@ public function process(&$request)
139139

140140
$memberGroups = $this->adapter->getMemberGroups($user, $vo);
141141

142-
SimpleSAML_Logger::info('member groups: '.var_export($memberGroups, true));
143-
SimpleSAML_Logger::info('sp groups: '.var_export($spGroups, true));
142+
SimpleSAML_Logger::debug('member groups: '.var_export($memberGroups, true));
143+
SimpleSAML_Logger::debug('sp groups: '.var_export($spGroups, true));
144144

145145
$groups = $this->intersectById($spGroups, $memberGroups);
146146

147147
if (empty($groups)) {
148-
SimpleSAML_Logger::info('Perun user with identity: '.$uid.' is not member of any assigned group for resource (' . $spEntityId . ')');
148+
SimpleSAML_Logger::warning('Perun user with identity: '.$uid.' is not member of any assigned group for resource (' . $spEntityId . ')');
149149
$this->unauthorized($request);
150150
}
151151

0 commit comments

Comments
 (0)