tobias/lrc-backend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added permission checks to user and recorder API

Browse Source
This commit is contained in:
Tobias Kurze
2020-08-06 15:23:14 +02:00
parent 82b3e78488
commit 437cec38e0
6 changed files with 59 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
backend/models/user_model.py
View File

@@ -3,6 +3,7 @@
Example user model and related models
"""
import json
from enum import Enum
import sqlalchemy
from sqlalchemy.orm import relation, validates
@@ -253,12 +254,24 @@ class User(UserMixin, db.Model):
@property
def effective_permissions(self):
permissions = Config.ROLE_PERMISSION_MAPPINGS.get(self.role, set())
role_permissions = Config.ROLE_PERMISSION_MAPPINGS.get(self.role, set())
permissions = set(Permission.query.filter(Permission.name.in_(role_permissions)).all())
for g in self.groups:
for p in g.permissions:
permissions.add(p)
return permissions
def has_permission(self, permission):
user_permissions = self.effective_permissions
if isinstance(permission, str):
return any([user_permission.name == permission for user_permission in user_permissions])
if isinstance(permission, Permission):
return any([user_permission.id == permission.id for user_permission in user_permissions])
if isinstance(permission, Enum):
return any([user_permission.name == str(permission.value) for user_permission in user_permissions])
return False
@staticmethod
def decode_auth_token(auth_token):
"""