summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Rettberg2023-11-20 17:06:12 +0100
committerSimon Rettberg2023-11-20 17:06:12 +0100
commit427ce082faa9c74fb843a2bda719adf4ca034618 (patch)
treed40ccbf572c84d7946d10a3b17baecb6ba347b7b
parentFix wrongly inferred return type (diff)
downloadbwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.tar.gz
bwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.tar.xz
bwlp-webadmin-427ce082faa9c74fb843a2bda719adf4ca034618.zip
[inc/User] Verify organization ID exists before deploying user into DB
-rw-r--r--inc/user.inc.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php
index 93c13e0..bc07f5d 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -123,6 +123,10 @@ class User
return self::$user['organization'];
}
+ /**
+ * Return user's organization, or null if not known in our DB.
+ * @return ?array{organizationid: string, name: string}
+ */
public static function getOrganization(): ?array
{
if (!self::isLoggedIn())
@@ -242,11 +246,16 @@ class User
return true;
}
- public static function deploy($anonymous, $existingLogin = false)
+ public static function deploy(bool $anonymous, $existingLogin = false): bool
{
if (empty(self::$user['shibid']))
Util::traceError('NO SHIBID');
+ if (self::getOrganizationId() === null) {
+ Message::addError('Your home organization ID {{0}} is not known to this server', self::getRemoteOrganizationId());
+ Util::redirect('?do=Main');
+ }
+
// Merging with test-account:
if (!empty($existingLogin)) {
if ($anonymous) {