aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--dashboard/app/access.go12
-rw-r--r--dashboard/app/app_test.go2
-rw-r--r--dashboard/app/config.go4
-rw-r--r--docs/setup_syzbot.md2
4 files changed, 15 insertions, 5 deletions
diff --git a/dashboard/app/access.go b/dashboard/app/access.go
index dadaed7f0..0e746aa20 100644
--- a/dashboard/app/access.go
+++ b/dashboard/app/access.go
@@ -49,6 +49,16 @@ func checkAccessLevel(c context.Context, r *http.Request, level AccessLevel) err
// AuthDomain is broken in AppEngine tests.
var isBrokenAuthDomainInTest = false
+func emailInAuthDomains(email string, authDomains []string) bool {
+ for _, authDomain := range authDomains {
+ if strings.HasSuffix(email, authDomain) {
+ return true
+ }
+ }
+
+ return false
+}
+
func accessLevel(c context.Context, r *http.Request) AccessLevel {
if user.IsAdmin(c) {
switch r.FormValue("access") {
@@ -63,7 +73,7 @@ func accessLevel(c context.Context, r *http.Request) AccessLevel {
if u == nil ||
// Devappserver does not pass AuthDomain.
u.AuthDomain != "gmail.com" && !isBrokenAuthDomainInTest ||
- !strings.HasSuffix(u.Email, getConfig(c).AuthDomain) {
+ !emailInAuthDomains(u.Email, getConfig(c).AuthDomains) {
return AccessPublic
}
return AccessUser
diff --git a/dashboard/app/app_test.go b/dashboard/app/app_test.go
index 8a82d78d0..97ede2e5a 100644
--- a/dashboard/app/app_test.go
+++ b/dashboard/app/app_test.go
@@ -42,7 +42,7 @@ func init() {
// Config used in tests.
var testConfig = &GlobalConfig{
AccessLevel: AccessPublic,
- AuthDomain: "@syzkaller.com",
+ AuthDomains: []string{"@syzkaller.com"},
Clients: map[string]string{
"reporting": "reportingkeyreportingkeyreportingkey",
},
diff --git a/dashboard/app/config.go b/dashboard/app/config.go
index 946020572..7398b0114 100644
--- a/dashboard/app/config.go
+++ b/dashboard/app/config.go
@@ -26,8 +26,8 @@ import (
type GlobalConfig struct {
// Min access levels specified hierarchically throughout the config.
AccessLevel AccessLevel
- // Email suffix of authorized users (e.g. "@foobar.com").
- AuthDomain string
+ // Email suffixes of authorized users (e.g. []string{"@foo.com","@bar.org"}).
+ AuthDomains []string
// Google Analytics Tracking ID.
AnalyticsTrackingID string
// URL prefix of source coverage reports.
diff --git a/docs/setup_syzbot.md b/docs/setup_syzbot.md
index b6c05b00b..289ea0e22 100644
--- a/docs/setup_syzbot.md
+++ b/docs/setup_syzbot.md
@@ -247,7 +247,7 @@ func init() {
}
var prodConfig = &GlobalConfig{
AccessLevel: AccessPublic,
- AuthDomain: "@google.com",
+ AuthDomains: []string{"@google.com"},
CoverPath: "https://storage.googleapis.com/syzkaller/cover/",
Clients: map[string]string{
"$CI_HOSTNAME": "$CI_KEY",
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 19:50:46 +0000