rzmk/learnhouse
1
0
Fork 0
mirror of https://github.com/rzmk/learnhouse.git synced 2025-12-19 04:19:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: additional verification for anon users

Browse source
This commit is contained in:
swve 2023-07-20 01:42:20 +02:00
parent 3c2f6b3a98
commit 42c99f3939
9 changed files with 46 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/services/courses/collections.py
View file

@ -1,7 +1,7 @@
from typing import List, Literal
from uuid import uuid4
from pydantic import BaseModel
from src.security.rbac.rbac import authorization_verify_based_on_roles_and_authorship
from src.security.rbac.rbac import authorization_verify_based_on_roles_and_authorship, authorization_verify_if_user_is_anon
from src.services.users.users import PublicUser
from fastapi import HTTPException, status, Request
@ -233,6 +233,8 @@ async def verify_collection_rights(
if current_user.user_id == "anonymous" and action == "read":
return True
await authorization_verify_if_user_is_anon(current_user.user_id)
await authorization_verify_based_on_roles_and_authorship(
request, current_user.user_id, action, user["roles"], collection_id
)