diff --git a/pkg/modules/auth/auth.go b/pkg/modules/auth/auth.go
index 0751407f5..540e85d04 100644
--- a/pkg/modules/auth/auth.go
+++ b/pkg/modules/auth/auth.go
@@ -147,6 +147,7 @@ func NewUserJWTAuthtoken(u *user.User, sessionID string) (token string, err erro
 claims["type"] = AuthTypeUser
 claims["id"] = u.ID
 claims["username"] = u.Username
+ claims["is_admin"] = u.IsAdmin
 claims["exp"] = exp
 claims["sid"] = sessionID
 claims["jti"] = uuid.New().String()
diff --git a/pkg/user/user.go b/pkg/user/user.go
index 8127193ef..00d525653 100644
--- a/pkg/user/user.go
+++ b/pkg/user/user.go
@@ -500,9 +500,12 @@ func GetUserFromClaims(claims jwt.MapClaims) (user *User, err error) {
 return nil, err
 }
+ isAdmin, _ := claims["is_admin"].(bool)
+
 return &User{
 ID: userID,
 Username: username,
+ IsAdmin: isAdmin,
 }, nil
 }
diff --git a/pkg/user/user_claims_test.go b/pkg/user/user_claims_test.go
new file mode 100644
index 000000000..4baab96b2
--- /dev/null
+++ b/pkg/user/user_claims_test.go
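Review bot: Setting `claims["is_admin"] = u.IsAdmin` freezes the admin flag at issue time, so a user whose admin right is later removed keeps presenting `is_admin: true` until the token reaches `exp`. The second hunk (GetUserFromClaims in pkg/user/user.go) copies the claim straight into `User.IsAdmin`, so any admin gate that reads that struct would trust the snapshot; whether such gates reload the stored user is not visible here. I would record the contract next to the claim, for example `// is_admin is a snapshot taken at issue time; admin-gated handlers must re-check the stored user, or the session must be revoked when the role changes.` The body of NewUserJWTAuthtoken starts and ends outside this hunk.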
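Review bot: The discarded `ok` in `isAdmin, _ := claims["is_admin"].(bool)` makes a missing or non-boolean claim fall back to false without saying so. That is the safe direction, but a later reader could take the blank identifier for an oversight and "fix" it into an error return, which would reject tokens that lack the field. I would add a comment above the line, for example `// A missing or non-bool is_admin claim (e.g. a token issued before the field existed) deliberately yields false.` GetUserFromClaims begins outside this hunk, so how `id` and `username` are validated is not visible here.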
@@ -0,0 +1,45 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-present Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+
+package user
+
+import (
+ "testing"
+
+ "github.com/golang-jwt/jwt/v5"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestGetUserFromClaims_IsAdmin(t *testing.T) {
+ claims := jwt.MapClaims{
+ "id": float64(1),
+ "username": "u1",
+ "is_admin": true,
+ }
+ u, err := GetUserFromClaims(claims)
+ assert.NoError(t, err)
+ assert.True(t, u.IsAdmin)
+}
+
+func TestGetUserFromClaims_IsAdminMissing(t *testing.T) {
+ claims := jwt.MapClaims{
+ "id": float64(1),
+ "username": "u1",
+ }
+ u, err := GetUserFromClaims(claims)
+ assert.NoError(t, err)
+ assert.False(t, u.IsAdmin)
+}
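Review bot: The two tests cover a true claim and an absent claim, but not a claim that is present with the wrong type, which is the case the unchecked type assertion in GetUserFromClaims decides. A token carrying `"is_admin": "true"` or `1` should still produce a non-admin user, and a test pinning that keeps a later refactor from loosening the check into a truthy conversion. I would add a third test next to TestGetUserFromClaims_IsAdminMissing, as below.

```go
func TestGetUserFromClaims_IsAdminWrongType(t *testing.T) {
	claims := jwt.MapClaims{
		"id":       float64(1),
		"username": "u1",
		"is_admin": "true", // string, not bool: must not grant admin
	}
	u, err := GetUserFromClaims(claims)
	assert.NoError(t, err)
	assert.False(t, u.IsAdmin)
}
```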