diff options
| author | Simon Rettberg | 2023-11-20 17:06:12 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2023-11-20 17:06:12 +0100 |
| commit | 427ce082faa9c74fb843a2bda719adf4ca034618 (patch) | |
| tree | d40ccbf572c84d7946d10a3b17baecb6ba347b7b | |
| parent | Fix wrongly inferred return type (diff) | |
| download | bwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.tar.gz bwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.tar.xz bwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.zip | |
[inc/User] Verify organization ID exists before deploying user into DB
| -rw-r--r-- | inc/user.inc.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php index 93c13e0..bc07f5d 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -123,6 +123,10 @@ class User return self::$user['organization']; } + /** + * Return user's organization, or null if not known in our DB. + * @return ?array{organizationid: string, name: string} + */ public static function getOrganization(): ?array { if (!self::isLoggedIn()) @@ -242,11 +246,16 @@ class User return true; } - public static function deploy($anonymous, $existingLogin = false) + public static function deploy(bool $anonymous, $existingLogin = false): bool { if (empty(self::$user['shibid'])) Util::traceError('NO SHIBID'); + if (self::getOrganizationId() === null) { + Message::addError('Your home organization ID {{0}} is not known to this server', self::getRemoteOrganizationId()); + Util::redirect('?do=Main'); + } + // Merging with test-account: if (!empty($existingLogin)) { if ($anonymous) { |