Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

saml: Add defensive code against org_membership attr not being a list.

This commit is contained in:
Mateusz Mandera 2020-08-15 16:29:28 +02:00 committed by Tim Abbott
parent db8daf4175
commit a0dea84edb
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
zproject/backends.py
View File

@ -1844,6 +1844,12 @@ class SAMLAuthBackend(SocialAuthMixin, SAMLAuth):
subdomain = self.strategy.session_get('subdomain') subdomain = self.strategy.session_get('subdomain')
entitlements: Union[str, List[str]] = attributes.get(org_membership_attribute, []) entitlements: Union[str, List[str]] = attributes.get(org_membership_attribute, [])
if isinstance(entitlements, str): # nocoverage
# This shouldn't happen as we'd always expect a list from this attribute even
# if it only has one element, but it's safer to have this defensive code.
entitlements = [entitlements, ]
assert isinstance(entitlements, list)
if subdomain in entitlements: if subdomain in entitlements:
return return