diff --git a/server/auth/OidcAuthStrategy.js b/server/auth/OidcAuthStrategy.js index 8014a436c..201b5bb81 100644 --- a/server/auth/OidcAuthStrategy.js +++ b/server/auth/OidcAuthStrategy.js @@ -212,6 +212,7 @@ class OidcAuthStrategy { if (user.type !== userType) { Logger.info(`[OidcAuth] openid callback: Updating user "${user.username}" type to "${userType}" from "${user.type}"`) user.type = userType + user.permissions = Database.userModel.getDefaultPermissionsForUserType(userType) await user.save() } } else { diff --git a/test/server/auth/OidcAuthStrategy.test.js b/test/server/auth/OidcAuthStrategy.test.js index e701ec426..91f33aabd 100644 --- a/test/server/auth/OidcAuthStrategy.test.js +++ b/test/server/auth/OidcAuthStrategy.test.js @@ -3,20 +3,25 @@ const sinon = require('sinon') const Database = require('../../../server/Database') const Logger = require('../../../server/Logger') +const User = require('../../../server/models/User') const OidcAuthStrategy = require('../../../server/auth/OidcAuthStrategy') describe('OidcAuthStrategy', () => { let strategy let originalServerSettings + let originalUserModel beforeEach(() => { strategy = new OidcAuthStrategy() originalServerSettings = Database.serverSettings + originalUserModel = Database.userModel + Database.userModel = User sinon.stub(Logger, 'info') }) afterEach(() => { Database.serverSettings = originalServerSettings + Database.userModel = originalUserModel sinon.restore() }) @@ -30,6 +35,7 @@ describe('OidcAuthStrategy', () => { await strategy.setUserGroup(user, { groups: ['syncloud'] }) expect(user.type).to.equal('admin') + expect(user.permissions.upload).to.be.true expect(user.save.calledOnce).to.be.true })