fix(mycloud-nextcloud): add support for oidc groups mapping

2024-01-31 22:34:36 +01:00 · 2024-01-31 22:34:36 +01:00 · 9115d1312a
commit 9115d1312a
parent cfc85e60f0
2 changed files with 3 additions and 1 deletions
--- a/mycloud-nextcloud/templates/authentik-application.yaml
+++ b/mycloud-nextcloud/templates/authentik-application.yaml
@ -41,7 +41,7 @@ spec:
            - name: "OAuth Mapping: Nextcloud Profile"
              scope_name: profile
              expression: |-
-                groups = [group.name for group in user.ak_groups.all()]
+                groups = [group.name for group in user.ak_groups.all() if group.attributes.get("nextcloud_group", False)]
                if user.is_superuser and "admin" not in groups:
                    groups.append("admin")

--- a/mycloud-nextcloud/templates/release.yaml
+++ b/mycloud-nextcloud/templates/release.yaml
@ -87,6 +87,7 @@ spec:
            enabled: true
            config:
              allow_multiple_user_backends: "0"
+              provider-1-groupProvisioning: "1"
          ##
          # collabora
          ##
@ -139,6 +140,7 @@ spec:
              --mapping-email=email \
              --mapping-display-name=name \
              --mapping-quota=quota \
+              --mapping-groups=groups \
              --check-bearer=true \
              --unique-uid=0;