mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 02:03:24 +00:00
update code review comments
This commit is contained in:
parent
6bb48bb850
commit
a4dcebf127
|
@ -470,7 +470,10 @@ func (s *APIServer) generateUserCert(w http.ResponseWriter, r *http.Request, _ h
|
|||
// This allows us to make sure that users can only request new certificates
|
||||
// only for themselves, except admin users
|
||||
caller, _, ok := r.BasicAuth()
|
||||
if !ok || (req.User != caller && s.a.role != teleport.RoleAdmin) {
|
||||
if !ok {
|
||||
return nil, trace.AccessDenied("Missing username or password")
|
||||
}
|
||||
if req.User != caller && s.a.role != teleport.RoleAdmin {
|
||||
return nil, trace.AccessDenied("User %s cannot request a certificate for %s",
|
||||
caller, req.User)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue