1
0
forked from baron/baron-sso

테넌트 관리자(Tenant Admin)의 본인 소유 테넌트 목록 조회 및 관리 기능 개선

This commit is contained in:
2026-03-03 14:33:58 +09:00
parent 1c3985ce19
commit a6e7f1253c
6 changed files with 47 additions and 16 deletions

View File

@@ -67,7 +67,7 @@ func RequireKetoPermission(config RBACConfig, namespace, relation string) fiber.
}
if !allowed {
slog.Warn("Keto permission denied", "userID", profile.ID, "namespace", namespace, "objectID", objectID, "relation", relation)
slog.Warn("Keto permission denied", "userID", profile.ID, "userRole", profile.Role, "namespace", namespace, "objectID", objectID, "relation", relation, "X-Test-Role", c.Get("X-Test-Role"))
return errorJSON(c, fiber.StatusForbidden, "forbidden: keto permission denied for "+namespace+":"+objectID)
}
@@ -111,13 +111,11 @@ func RequireRole(config RBACConfig) fiber.Handler {
"userRole", profile.Role,
"allowedRoles", config.AllowedRoles,
"path", c.Path(),
"X-Test-Role", c.Get("X-Test-Role"),
)
return errorJSON(c, fiber.StatusForbidden, "forbidden: insufficient permissions")
}
// Store profile in locals for further use in handlers
c.Locals("user_profile", profile)
return c.Next()
}
}