Open Access isn't fence specific

hms-dbmi · Dec 17, 2024 · a364f19 · a364f19
1 parent 317ba1f
commit a364f19
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/...ard/hms/dbmi/avillach/auth/service/impl/authentication/AimAheadAuthenticationService.java b/...ard/hms/dbmi/avillach/auth/service/impl/authentication/AimAheadAuthenticationService.java
@@ -165,11 +165,11 @@ private User loadUser(JsonNode introspectResponse) {
             }
 
             // All users that login through OKTA should have the fence_open_access role, or they will not be able to interact with the UI
-            Role fenceOpenAccessRole = roleService.getRoleByName(MANAGED_OPEN_ACCESS_ROLE_NAME);
-            if (!user.get().getRoles().contains(fenceOpenAccessRole)) {
+            Role openAccessRole = roleService.getRoleByName(MANAGED_OPEN_ACCESS_ROLE_NAME);
+            if (!user.get().getRoles().contains(openAccessRole)) {
                 logger.info("Adding fence_open_access role to user: {}", user.get().getUuid());
                 Set<Role> roles = user.get().getRoles();
-                roles.add(fenceOpenAccessRole);
+                roles.add(openAccessRole);
                 user = Optional.ofNullable(userService.changeRole(user.orElse(null), roles));
             }