kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

custom claim 권한체크 확인

Browse Source
This commit is contained in:
admin-bot
2026-06-11 08:29:25 +09:00
parent 839ca9d407
commit 4d77060b5d
79 changed files with 4268 additions and 670 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
backend/cmd/adminctl/worksmobile_sync.go
View File

@@ -126,7 +126,8 @@ func runWorksmobileSync(args []string) error {
}
}
if config.AlignBaronFromWorksOutput != "" {
if err := alignBaronNeedsUpdateUsersFromWorks(ctx, db, syncService, userRepo, service.NewKratosAdminService(), root.ID, config.AlignBaronFromWorksOutput, config.AlignBaronFromWorksExclude); err != nil {
identityWriter := service.NewIdentityWriteService(service.NewKratosAdminService(), nil)
if err := alignBaronNeedsUpdateUsersFromWorks(ctx, db, syncService, userRepo, identityWriter, root.ID, config.AlignBaronFromWorksOutput, config.AlignBaronFromWorksExclude); err != nil {
return err
}
}
@@ -987,13 +988,13 @@ func exportWorksmobileNeedsUpdateComparison(ctx context.Context, syncService ser
return nil
}
func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncService service.WorksmobileAdminService, userRepo repository.UserRepository, kratosAdmin service.KratosAdminService, tenantID string, outputPath string, excludeRaw string) error {
func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncService service.WorksmobileAdminService, userRepo repository.UserRepository, identityWriter service.IdentityWriteService, tenantID string, outputPath string, excludeRaw string) error {
comparison, err := syncService.GetComparison(ctx, tenantID, true)
if err != nil {
return err
}
if kratosAdmin == nil {
return fmt.Errorf("kratos admin service is required to align Baron users from WORKS")
if identityWriter == nil {
return fmt.Errorf("identity write service is required to align Baron users from WORKS")
}
excludes := parseWorksmobileAlignExcludes(excludeRaw)
file, err := os.Create(outputPath)
@@ -1082,7 +1083,7 @@ func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncS
if newName == "" {
newName = strings.TrimSpace(user.Name)
}
identity, identityErr := kratosAdmin.GetIdentity(ctx, user.ID)
identity, identityErr := identityWriter.GetIdentity(ctx, user.ID)
if identityErr != nil {
status = "error"
errorMessage = identityErr.Error()
@@ -1091,7 +1092,13 @@ func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncS
traits := copyKratosTraits(identity.Traits)
traits["email"] = newEmail
traits["name"] = newName
if _, updateErr := kratosAdmin.UpdateIdentity(ctx, user.ID, traits, strings.TrimSpace(identity.State)); updateErr != nil {
if _, updateErr := identityWriter.UpdateIdentity(ctx, service.IdentityUpdateRequest{
IdentityID: user.ID,
Traits: traits,
State: strings.TrimSpace(identity.State),
Reason: "worksmobile_align_baron_from_works",
Source: "adminctl_worksmobile_sync",
}); updateErr != nil {
status = "error"
errorMessage = updateErr.Error()
errorsCount++