Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // Role-Based from Template...
- // This script will step up authentication for any user belonging
- // to one of the given roles
- // If the user has any of the below roles, authentication will be stepped up
- var rolesToStepUp = ['salesmanager'];
- var rolesAllowed = ['salesmanager','salesteam'];
- function onLoginRequest(context) {
- executeStep(1, {
- onSuccess: function (context) {
- // Extracting authenticated subject from the first step
- var user = context.currentKnownSubject;
- var hasRole = hasAnyOfTheRoles(user, rolesAllowed);
- if (!hasRole){
- sendError('https://gamage-dev-ed.my.salesforce.com',{'errorcode':'000403','errorMsg':'You are not allowed to login to this app.'});
- }
- // Checking if the user is assigned to one of the given roles
- var hasAdminRole = hasAnyOfTheRoles(user, rolesToStepUp);
- if (hasAdminRole) {
- Log.info(user.username + ' Has one of Roles: ' + rolesToStepUp.toString());
- executeStep(2);
- }
- }
- });
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement