TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 04:37:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(api): handle user disabling events correctly in session API (#7380)

Browse Source 
This PR makes sure that user disabling events (deactivate, locked, ...) are correctly checked for sessions.
This commit is contained in:
Livio Spring
2024-02-28 10:30:05 +01:00
committed by GitHub
parent 26d1563643
commit 68af4f59c9
8 changed files with 193 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/api/grpc/session/v2/session.go
View File

@@ -351,6 +351,9 @@ func (s *Server) checksToCommand(ctx context.Context, checks *session.Checks) ([
if err != nil {
return nil, err
}
if !user.State.IsEnabled() {
return nil, zerrors.ThrowPreconditionFailed(nil, "SESSION-Gj4ko", "Errors.User.NotActive")
}
sessionChecks = append(sessionChecks, command.CheckUser(user.ID, user.ResourceOwner))
}
if password := checks.GetPassword(); password != nil {