rzmk/learnhouse
1
0
Fork 0
mirror of https://github.com/rzmk/learnhouse.git synced 2025-12-19 04:19:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: collections and courses remaining bugs

Browse source
This commit is contained in:
swve 2024-02-04 21:02:07 +01:00
parent 4245e61df8
commit 212c50768f
8 changed files with 155 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

22
apps/api/src/security/rbac/rbac.py
View file

@ -19,9 +19,8 @@ async def authorization_verify_if_element_is_public(
):
element_nature = await check_element_type(element_uuid)
# Verifies if the element is public
if element_nature == ("courses" or "collections") and action == "read":
if element_nature == ("courses") and action == "read":
if element_nature == "courses":
print("looking for course")
statement = select(Course).where(
Course.public == True, Course.course_uuid == element_uuid
)
@ -29,20 +28,29 @@ async def authorization_verify_if_element_is_public(
if course:
return True
else:
return False
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="User rights : You don't have the right to perform this action",
)
if element_nature == "collections" and action == "read":
if element_nature == "collections":
statement = select(Collection).where(
Collection.public == True, Collection.collection_uuid == element_uuid
)
collection = db_session.exec(statement).first()
if collection:
return True
else:
return False
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="User rights : You don't have the right to perform this action",
)
else:
return False
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="User rights : You don't have the right to perform this action",
)
# Tested and working