diff options
author | John Nduli | 2024-08-15 14:13:36 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-08-15 10:22:57 -0500 |
commit | 263707c72f823d437106f579ad974775ad427ccc (patch) | |
tree | b9ba17daf6eeb88710e60d710a68306f9d3196a0 /gn_auth/auth/authorisation/users/masquerade/models.py | |
parent | 60a1d17cc5d4a3d511deade2daa90be4973273a0 (diff) | |
download | gn-auth-263707c72f823d437106f579ad974775ad427ccc.tar.gz |
fix: bugs in masquerade api
Diffstat (limited to 'gn_auth/auth/authorisation/users/masquerade/models.py')
-rw-r--r-- | gn_auth/auth/authorisation/users/masquerade/models.py | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/gn_auth/auth/authorisation/users/masquerade/models.py b/gn_auth/auth/authorisation/users/masquerade/models.py index 57bc564..ae2abad 100644 --- a/gn_auth/auth/authorisation/users/masquerade/models.py +++ b/gn_auth/auth/authorisation/users/masquerade/models.py @@ -31,9 +31,12 @@ def can_masquerade(func): conn = kwargs["conn"] token = kwargs["original_token"] - masq_privs = [priv for role in user_roles(conn, token.user) - for priv in role.privileges - if priv.privilege_id == "system:user:masquerade"] + masq_privs = [] + for roles in user_roles(conn, token.user): + for role in roles["roles"]: + privileges = [p for p in role.privileges if p.privilege_id == "system:user:masquerade"] + masq_privs.extend(privileges) + if len(masq_privs) == 0: raise ForbiddenAccess( "You do not have the ability to masquerade as another user.") |