authelia/internal/authorization
James Elliott 60ff16b518
fix(handlers): refresh user details on all domains (#1642)
* fix(handlers): refresh user details on all domains 

* previously sessions only got checked for updated details if the domain had group subjects attached
* this meant disabled or deleted accounts did not get detected until the session expired or the user visited a domain protected by a group subject
* this patch fixes this issue and simplifies some logic surrounding the check

* add tests

simplify IsStringSlicesDifferent so it only iterates once

* add another test for IsStringSlicesDifferent
2021-02-02 12:01:46 +11:00
..
authorizer_test.go [FEATURE] Support for subject combinations in ACLs (#1142) 2020-06-25 18:22:42 +10:00
authorizer.go fix(handlers): refresh user details on all domains (#1642) 2021-02-02 12:01:46 +11:00
const.go [MISC] Validate all sections of ACLs on startup (#1595) 2021-01-16 21:05:41 +11:00
domain_matcher_test.go [FEATURE] Automatic Profile Refresh - LDAP (#912) 2020-05-04 21:39:25 +02:00
domain_matcher.go [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00
ip_matcher_test.go [MISC] Validate all sections of ACLs on startup (#1595) 2021-01-16 21:05:41 +11:00
ip_matcher.go [MISC] Validate all sections of ACLs on startup (#1595) 2021-01-16 21:05:41 +11:00
path_matcher_test.go [MISC] Add unit tests to authorization module and trace logs. (#638) 2020-02-19 09:15:09 +11:00
path_matcher.go [MISC] Validate all sections of ACLs on startup (#1595) 2021-01-16 21:05:41 +11:00
subject_matcher.go [MISC] Validate all sections of ACLs on startup (#1595) 2021-01-16 21:05:41 +11:00