Skip to content

Commit

Permalink
[IMP] Moved ac_api_requires_client_access into namespace blueprints
Browse files Browse the repository at this point in the history
  • Loading branch information
c8y3 committed Oct 8, 2024
1 parent 052c31e commit a9ea4cb
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 15 deletions.
14 changes: 14 additions & 0 deletions source/app/blueprints/access_controls.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@
from app.iris_engine.access_control.utils import ac_get_effective_permissions_of_user
from app.models.authorization import Permissions
from app.models.authorization import CaseAccessLevel

from app.util import update_current_case
from app.util import log_exception_and_error
from app.util import response_error
Expand Down Expand Up @@ -341,3 +342,16 @@ def ac_api_return_access_denied(caseid: int = None):
'error_uuid': error_uuid
}
return response_error('Permission denied', data=data, status=403)


def ac_api_requires_client_access():
def inner_wrap(f):
@wraps(f)
def wrap(*args, **kwargs):
client_id = kwargs.get('client_id')
if not user_has_client_access(current_user.id, client_id):
return response_error("Permission denied", status=403)

return f(*args, **kwargs)
return wrap
return inner_wrap
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
from app.models.authorization import Permissions
from app.schema.marshables import ContactSchema
from app.schema.marshables import CustomerSchema
from app.util import ac_api_requires_client_access
from app.blueprints.access_controls import ac_api_requires_client_access
from app.util import response_error
from app.util import response_success

Expand Down
14 changes: 0 additions & 14 deletions source/app/util.py
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@
from app import app
from app import db
from app.datamgmt.case.case_db import get_case
from app.datamgmt.manage.manage_access_control_db import user_has_client_access
from app.datamgmt.manage.manage_users_db import get_user
from app.iris_engine.access_control.utils import ac_get_effective_permissions_of_user
from app.iris_engine.utils.tracker import track_activity
Expand Down Expand Up @@ -389,19 +388,6 @@ def wrap(*args, **kwargs):
return inner_wrap


def ac_api_requires_client_access():
def inner_wrap(f):
@wraps(f)
def wrap(*args, **kwargs):
client_id = kwargs.get('client_id')
if not user_has_client_access(current_user.id, client_id):
return response_error("Permission denied", status=403)

return f(*args, **kwargs)
return wrap
return inner_wrap


def decompress_7z(filename: Path, output_dir):
"""
Decompress a 7z file in specified output directory
Expand Down

0 comments on commit a9ea4cb

Please sign in to comment.