fix: allow webauthn checks for users of other orgs (#6915)

This commit is contained in:
Livio Spring 2023-11-14 11:42:39 +02:00 committed by GitHub
parent 1344760369
commit 3bc9a60986
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 3 deletions

View File

@ -267,7 +267,7 @@ func (s *SessionCommands) gethumanWriteModel(ctx context.Context) (*HumanWriteMo
if s.sessionWriteModel.UserID == "" {
return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-eeR2e", "Errors.User.UserIDMissing")
}
humanWriteModel := NewHumanWriteModel(s.sessionWriteModel.UserID, s.sessionWriteModel.ResourceOwner)
humanWriteModel := NewHumanWriteModel(s.sessionWriteModel.UserID, "")
err := s.eventstore.FilterToQueryReducer(ctx, humanWriteModel)
if err != nil {
return nil, err

View File

@ -29,9 +29,9 @@ func (s *SessionCommands) getHumanWebAuthNTokens(ctx context.Context, userVerifi
}
func (s *SessionCommands) getHumanWebAuthNTokenReadModel(ctx context.Context, userVerification domain.UserVerificationRequirement) (readModel HumanWebAuthNTokensReadModel, err error) {
readModel = NewHumanU2FTokensReadModel(s.sessionWriteModel.UserID, s.sessionWriteModel.ResourceOwner)
readModel = NewHumanU2FTokensReadModel(s.sessionWriteModel.UserID, "")
if userVerification == domain.UserVerificationRequirementRequired {
readModel = NewHumanPasswordlessTokensReadModel(s.sessionWriteModel.UserID, s.sessionWriteModel.ResourceOwner)
readModel = NewHumanPasswordlessTokensReadModel(s.sessionWriteModel.UserID, "")
}
err = s.eventstore.FilterToQueryReducer(ctx, readModel)
if err != nil {