From 263707c72f823d437106f579ad974775ad427ccc Mon Sep 17 00:00:00 2001 From: John Nduli Date: Thu, 15 Aug 2024 14:13:36 +0300 Subject: fix: bugs in masquerade api --- gn_auth/auth/authorisation/resources/groups/views.py | 2 +- gn_auth/auth/authorisation/users/masquerade/models.py | 9 ++++++--- gn_auth/auth/authorisation/users/masquerade/views.py | 4 ++-- 3 files changed, 9 insertions(+), 6 deletions(-) (limited to 'gn_auth') diff --git a/gn_auth/auth/authorisation/resources/groups/views.py b/gn_auth/auth/authorisation/resources/groups/views.py index 401be00..f98783b 100644 --- a/gn_auth/auth/authorisation/resources/groups/views.py +++ b/gn_auth/auth/authorisation/resources/groups/views.py @@ -48,7 +48,7 @@ def create_group(): with require_oauth.acquire("profile group") as the_token: group_name=request_json().get("group_name", "").strip() if not bool(group_name): - raise GroupCreationError("Could not create the group.") + raise GroupCreationError(f"Could not create the group. Invalid Group name provided was `{group_name}`") db_uri = current_app.config["AUTH_DB"] with db.connection(db_uri) as conn: diff --git a/gn_auth/auth/authorisation/users/masquerade/models.py b/gn_auth/auth/authorisation/users/masquerade/models.py index 57bc564..ae2abad 100644 --- a/gn_auth/auth/authorisation/users/masquerade/models.py +++ b/gn_auth/auth/authorisation/users/masquerade/models.py @@ -31,9 +31,12 @@ def can_masquerade(func): conn = kwargs["conn"] token = kwargs["original_token"] - masq_privs = [priv for role in user_roles(conn, token.user) - for priv in role.privileges - if priv.privilege_id == "system:user:masquerade"] + masq_privs = [] + for roles in user_roles(conn, token.user): + for role in roles["roles"]: + privileges = [p for p in role.privileges if p.privilege_id == "system:user:masquerade"] + masq_privs.extend(privileges) + if len(masq_privs) == 0: raise ForbiddenAccess( "You do not have the ability to masquerade as another user.") diff --git a/gn_auth/auth/authorisation/users/masquerade/views.py b/gn_auth/auth/authorisation/users/masquerade/views.py index 276859a..71cf98d 100644 --- a/gn_auth/auth/authorisation/users/masquerade/views.py +++ b/gn_auth/auth/authorisation/users/masquerade/views.py @@ -33,13 +33,13 @@ def masquerade() -> Response: return new_token def __dump_token__(tok): return { - key: value for key, value in (tok._asdict().items()) + key: value for key, value in tok.items() if key in ("access_token", "refresh_token", "expires_in", "token_type") } return jsonify({ "original": { - "user": token.user._asdict(), + "user": asdict(token.user), "token": __dump_token__(token) }, "masquerade_as": { -- cgit v1.2.3