Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit 8d73201

Browse files
vyskocilpavelvyskocilpavel
authored
Merge pull request #100 from vyskocilpavel/dev-pvysk
Added checks into PerunEntitlement proccess filter
2 parents 3088ed6 + d4979f3 commit 8d73201

File tree

1 file changed

+23
-15
lines changed

1 file changed

+23
-15
lines changed

lib/Auth/Process/PerunEntitlement.php

Lines changed: 23 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -71,12 +71,23 @@ public function __construct($config, $reserved)
7171

7272
public function process(&$request)
7373
{
74-
$eduPersonEntitlement = $this->getEduPersonEntitlement($request);
74+
$eduPersonEntitlement = [];
75+
$capabilities = [];
7576
$forwardedEduPersonEntitlement = [];
77+
78+
if (isset($request['perun']['groups'])) {
79+
$eduPersonEntitlement = $this->getEduPersonEntitlement($request);
80+
$capabilities = $this->getCapabilities($request);
81+
} else {
82+
Logger::debug(
83+
'perun:PerunEntitlement: There are no user groups assign to facility.' .
84+
'=> Skipping getEduPersonEntitlement and getResourceCapabilities'
85+
);
86+
}
87+
7688
if ($this->releaseForwardedEntitlement) {
7789
$forwardedEduPersonEntitlement = $this->getForwardedEduPersonEntitlement($request);
7890
}
79-
$capabilities = $this->getCapabilities($request);
8091

8192
$request['Attributes'][$this->eduPersonEntitlement] = array_unique(array_merge(
8293
$eduPersonEntitlement,
@@ -87,20 +98,9 @@ public function process(&$request)
8798

8899
private function getEduPersonEntitlement(&$request)
89100
{
90-
if (isset($request['perun']['groups'])) {
91-
/** allow IDE hint whisperer
92-
* @var model\Group[] $groups
93-
*/
94-
$groups = $request['perun']['groups'];
95-
} else {
96-
throw new Exception(
97-
'perun:PerunEntitlement: ' .
98-
'missing mandatory field \'perun.groups\' in request.' .
99-
'Hint: Did you configure PerunIdentity filter before this filter?'
100-
);
101-
}
102-
103101
$eduPersonEntitlement = [];
102+
103+
$groups = $request['perun']['groups'];
104104
foreach ($groups as $group) {
105105
$groupName = $group->getUniqueName();
106106
$groupName = preg_replace('/^(\w*)\:members$/', '$1', $groupName);
@@ -129,6 +129,14 @@ private function getEduPersonEntitlement(&$request)
129129
private function getForwardedEduPersonEntitlement(&$request)
130130
{
131131
$forwardedEduPersonEntitlement = [];
132+
133+
if (!isset($request['perun']['user'])) {
134+
Logger::debug(
135+
'perun:PerunEntitlement: Object Perun User is not specified. => Skipping getting forwardedEntitlement.'
136+
);
137+
return $forwardedEduPersonEntitlement;
138+
}
139+
132140
$user = $request['perun']['user'];
133141
$forwardedEduPersonEntitlementMap = $this->adapter->getUserAttributes(
134142
$user,

0 commit comments

Comments
 (0)