~homeworkprod/byceps

39d7af84a85331cf02a6d255e2a25be1305e92fa — Jochen Kupperschmidt 8 months ago 166c2c8
Use `has_current_user_permission` in code
M byceps/blueprints/site/board/service.py => byceps/blueprints/site/board/service.py +6 -5
@@ 25,6 25,7 @@ from ....services.ticketing import ticket_service
from ....services.user import service as user_service
from ....services.user_badge import awarding_service as badge_awarding_service
from ....services.user_badge.transfer.models import Badge
from ....util.authorization import has_current_user_permission
from ....typing import BrandID, PartyID, UserID

from .authorization import BoardPermission, BoardPostingPermission


@@ 191,7 192,7 @@ def _get_site_setting_int_value(key, default_value) -> int:

def may_current_user_view_hidden() -> bool:
    """Return `True' if the current user may view hidden items."""
    return g.user.has_permission(BoardPermission.view_hidden)
    return has_current_user_permission(BoardPermission.view_hidden)


def may_topic_be_updated_by_current_user(topic: DbTopic) -> bool:


@@ 200,9 201,9 @@ def may_topic_be_updated_by_current_user(topic: DbTopic) -> bool:
        (
            not topic.locked
                and g.user.id == topic.creator_id
                and g.user.has_permission(BoardTopicPermission.update)
                and has_current_user_permission(BoardTopicPermission.update)
        )
        or g.user.has_permission(BoardPermission.update_of_others)
        or has_current_user_permission(BoardPermission.update_of_others)
    )




@@ 211,5 212,5 @@ def may_posting_be_updated_by_current_user(posting: DbPosting) -> bool:
    return (
        not posting.topic.locked
        and g.user.id == posting.creator_id
        and g.user.has_permission(BoardPostingPermission.update)
    ) or g.user.has_permission(BoardPermission.update_of_others)
        and has_current_user_permission(BoardPostingPermission.update)
    ) or has_current_user_permission(BoardPermission.update_of_others)

M byceps/blueprints/site/board/views_posting.py => byceps/blueprints/site/board/views_posting.py +2 -1
@@ 19,6 19,7 @@ from ....services.board import (
from ....services.text_markup.service import get_smileys
from ....services.user import service as user_service
from ....signals import board as board_signals
from ....util.authorization import has_current_user_permission
from ....util.framework.flash import flash_error, flash_success
from ....util.framework.templating import templated
from ....util.views import permission_required, respond_no_content_with_location


@@ 98,7 99,7 @@ def posting_create(topic_id):
        )
        return redirect(h.build_url_for_topic(topic.id))

    if topic.posting_limited_to_moderators and not g.user.has_permission(
    if topic.posting_limited_to_moderators and not has_current_user_permission(
        BoardPermission.announce
    ):
        flash_error(

M byceps/blueprints/site/news/views.py => byceps/blueprints/site/news/views.py +2 -2
@@ 13,7 13,7 @@ from ....services.site import (
    service as site_service,
    settings_service as site_settings_service,
)
from ....util.authorization import register_permission_enum
from ....util.authorization import has_current_user_permission, register_permission_enum
from ....util.framework.blueprint import create_blueprint
from ....util.framework.templating import templated



@@ 89,4 89,4 @@ def _get_items_per_page_value():


def _may_current_user_view_drafts() -> bool:
    return g.user.has_permission(NewsItemPermission.view_draft)
    return has_current_user_permission(NewsItemPermission.view_draft)

M byceps/blueprints/site/seating/views.py => byceps/blueprints/site/seating/views.py +2 -2
@@ 21,7 21,7 @@ from ....services.ticketing import (
    ticket_service,
)
from ....services.ticketing.transfer.models import TicketID
from ....util.authorization import register_permission_enum
from ....util.authorization import has_current_user_permission, register_permission_enum
from ....util.framework.blueprint import create_blueprint
from ....util.framework.flash import flash_error, flash_success
from ....util.framework.templating import templated


@@ 310,7 310,7 @@ def _is_seat_management_enabled():


def _is_current_user_seating_admin() -> bool:
    return g.user.has_permission(SeatingPermission.administrate)
    return has_current_user_permission(SeatingPermission.administrate)


def _get_ticket_or_404(ticket_id: TicketID) -> DbTicket:

M byceps/util/navigation.py => byceps/util/navigation.py +3 -1
@@ 12,6 12,8 @@ from typing import List, Optional

from flask import g

from .authorization import has_current_user_permission


@dataclass(frozen=True)
class NavigationItem:


@@ 65,6 67,6 @@ class Navigation:
            if required_permission is None:
                return True

            return g.user.has_permission(required_permission)
            return has_current_user_permission(required_permission)

        return list(filter(user_has_permission, self.items))

M byceps/util/views.py => byceps/util/views.py +2 -1
@@ 21,6 21,7 @@ from flask import (
)
from flask_babel import gettext

from .authorization import has_current_user_permission
from .framework.flash import flash_notice




@@ 43,7 44,7 @@ def permission_required(permission):
    def decorator(func):
        @wraps(func)
        def wrapper(*args, **kwargs):
            if not g.user.has_permission(permission):
            if not has_current_user_permission(permission):
                abort(403)
            return func(*args, **kwargs)