fix: bugs in masquerade api

2 files changed, 8 insertions, 5 deletions

diff --git a/gn_auth/auth/authorisation/users/masquerade/models.py b/gn_auth/auth/authorisation/users/masquerade/models.py
index 57bc564..ae2abad 100644
--- a/gn_auth/auth/authorisation/users/masquerade/models.py
+++ b/gn_auth/auth/authorisation/users/masquerade/models.py
@@ -31,9 +31,12 @@ def can_masquerade(func):
             conn = kwargs["conn"]
             token = kwargs["original_token"]
 
-        masq_privs = [priv for role in user_roles(conn, token.user)
-                      for priv in role.privileges
-                      if priv.privilege_id == "system:user:masquerade"]
+        masq_privs = []
+        for roles in user_roles(conn, token.user):
+            for role in roles["roles"]:
+                privileges = [p for p in role.privileges if p.privilege_id == "system:user:masquerade"]
+                masq_privs.extend(privileges)
+
         if len(masq_privs) == 0:
             raise ForbiddenAccess(
                 "You do not have the ability to masquerade as another user.")
diff --git a/gn_auth/auth/authorisation/users/masquerade/views.py b/gn_auth/auth/authorisation/users/masquerade/views.py
index 276859a..71cf98d 100644
--- a/gn_auth/auth/authorisation/users/masquerade/views.py
+++ b/gn_auth/auth/authorisation/users/masquerade/views.py
@@ -33,13 +33,13 @@ def masquerade() -> Response:
             return new_token
         def __dump_token__(tok):
             return {
-                key: value for key, value in (tok._asdict().items())
+                key: value for key, value in tok.items()
                 if key in ("access_token", "refresh_token", "expires_in",
                            "token_type")
             }
         return jsonify({
             "original": {
-                "user": token.user._asdict(),
+                "user": asdict(token.user),
                 "token": __dump_token__(token)
             },
             "masquerade_as": {