chore: add print statement in permissions class

eduNEXT · Aug 21, 2024 · 6db4526 · 6db4526
1 parent 26e27dd
commit 6db4526
Showing 1 changed file with 9 additions and 4 deletions.
diff --git a/eox_core/api/v1/permissions.py b/eox_core/api/v1/permissions.py
@@ -3,6 +3,7 @@
 """
 Custom API permissions module
 """
+
 from django.conf import settings
 from django.contrib.auth.models import Permission, User
 from django.contrib.contenttypes.models import ContentType
@@ -20,8 +21,8 @@ def load_permissions():
         try:
             content_type = ContentType.objects.get_for_model(User)
             Permission.objects.get_or_create(
-                codename='can_call_eox_core',
-                name='Can access eox-core API',
+                codename="can_call_eox_core",
+                name="Can access eox-core API",
                 content_type=content_type,
             )
         except (ProgrammingError, ImproperlyConfigured):
@@ -45,21 +46,25 @@ def has_permission(self, request, view):
             2) is calling the API from an allowed site
             3) can call eox-core API
         """
+        print(f"\n\nUser: {request.user}\n\n")
+        print(f"\n\nUser Is Staff?: {request.user.is_staff}\n\n")
         if request.user.is_staff:
             return True
 
         try:
-            application_uri_allowed = request.auth.application.redirect_uri_allowed(request.build_absolute_uri('/'))
+            application_uri_allowed = request.auth.application.redirect_uri_allowed(request.build_absolute_uri("/"))
         except Exception:  # pylint: disable=broad-except
             application_uri_allowed = False
 
+        print(f"\n\nApplication URI Allowed?: {application_uri_allowed}\n\n")
         try:
             client_url_allowed = request.get_host() in request.auth.client.url
         except Exception:  # pylint: disable=broad-except
             client_url_allowed = False
+        print(f"\n\nClient URL Allowed?: {client_url_allowed}\n\n")
 
         if client_url_allowed or application_uri_allowed:
-            return request.user.has_perm('auth.can_call_eox_core')
+            return request.user.has_perm("auth.can_call_eox_core")
 
         # If we get here either someone is using a token created on one site in a different site
         # or there was a missconfiguration of the oauth client.