aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth/authorisation/users/masquerade
diff options
context:
space:
mode:
authorJohn Nduli2024-08-15 14:13:36 +0300
committerFrederick Muriuki Muriithi2024-08-15 10:22:57 -0500
commit263707c72f823d437106f579ad974775ad427ccc (patch)
treeb9ba17daf6eeb88710e60d710a68306f9d3196a0 /gn_auth/auth/authorisation/users/masquerade
parent60a1d17cc5d4a3d511deade2daa90be4973273a0 (diff)
downloadgn-auth-263707c72f823d437106f579ad974775ad427ccc.tar.gz
fix: bugs in masquerade api
Diffstat (limited to 'gn_auth/auth/authorisation/users/masquerade')
-rw-r--r--gn_auth/auth/authorisation/users/masquerade/models.py9
-rw-r--r--gn_auth/auth/authorisation/users/masquerade/views.py4
2 files changed, 8 insertions, 5 deletions
diff --git a/gn_auth/auth/authorisation/users/masquerade/models.py b/gn_auth/auth/authorisation/users/masquerade/models.py
index 57bc564..ae2abad 100644
--- a/gn_auth/auth/authorisation/users/masquerade/models.py
+++ b/gn_auth/auth/authorisation/users/masquerade/models.py
@@ -31,9 +31,12 @@ def can_masquerade(func):
conn = kwargs["conn"]
token = kwargs["original_token"]
- masq_privs = [priv for role in user_roles(conn, token.user)
- for priv in role.privileges
- if priv.privilege_id == "system:user:masquerade"]
+ masq_privs = []
+ for roles in user_roles(conn, token.user):
+ for role in roles["roles"]:
+ privileges = [p for p in role.privileges if p.privilege_id == "system:user:masquerade"]
+ masq_privs.extend(privileges)
+
if len(masq_privs) == 0:
raise ForbiddenAccess(
"You do not have the ability to masquerade as another user.")
diff --git a/gn_auth/auth/authorisation/users/masquerade/views.py b/gn_auth/auth/authorisation/users/masquerade/views.py
index 276859a..71cf98d 100644
--- a/gn_auth/auth/authorisation/users/masquerade/views.py
+++ b/gn_auth/auth/authorisation/users/masquerade/views.py
@@ -33,13 +33,13 @@ def masquerade() -> Response:
return new_token
def __dump_token__(tok):
return {
- key: value for key, value in (tok._asdict().items())
+ key: value for key, value in tok.items()
if key in ("access_token", "refresh_token", "expires_in",
"token_type")
}
return jsonify({
"original": {
- "user": token.user._asdict(),
+ "user": asdict(token.user),
"token": __dump_token__(token)
},
"masquerade_as": {