diff --git a/apps/api/src/db/resource_authors.py b/apps/api/src/db/resource_authors.py index 3befb846..758a59c3 100644 --- a/apps/api/src/db/resource_authors.py +++ b/apps/api/src/db/resource_authors.py @@ -1,7 +1,5 @@ from enum import Enum -from typing import Optional, Union -from pydantic import BaseModel -from sqlalchemy import JSON, Column +from typing import Optional from sqlmodel import Field, SQLModel diff --git a/apps/api/src/routers/users.py b/apps/api/src/routers/users.py index 181898a2..efab5dda 100644 --- a/apps/api/src/routers/users.py +++ b/apps/api/src/routers/users.py @@ -1,6 +1,5 @@ from fastapi import APIRouter, Depends, Request from sqlmodel import Session -from src.security.rbac.rbac import authorization_verify_based_on_roles, authorization_verify_if_element_is_public, authorization_verify_if_user_is_author from src.security.auth import get_current_user from src.core.events.database import get_db_session diff --git a/apps/api/src/security/rbac/rbac.py b/apps/api/src/security/rbac/rbac.py index 0dba06d9..66e3d81f 100644 --- a/apps/api/src/security/rbac/rbac.py +++ b/apps/api/src/security/rbac/rbac.py @@ -1,7 +1,6 @@ -from math import e from typing import Literal from fastapi import HTTPException, status, Request -from sqlalchemy import func, null, or_ +from sqlalchemy import null from sqlmodel import Session, select from src.db.collections import Collection from src.db.courses import Course @@ -23,7 +22,7 @@ async def authorization_verify_if_element_is_public( if element_nature == ("courses" or "collections") and action == "read": if element_nature == "courses": statement = select(Course).where( - Course.public == True, Course.course_uuid == element_uuid + Course.public is True, Course.course_uuid == element_uuid ) course = db_session.exec(statement).first() if course: @@ -36,7 +35,7 @@ async def authorization_verify_if_element_is_public( if element_nature == "collections": statement = select(Collection).where( - Collection.public == True, Collection.collection_uuid == element_uuid + Collection.public is True, Collection.collection_uuid == element_uuid ) collection = db_session.exec(statement).first() diff --git a/apps/api/src/services/courses/collections.py b/apps/api/src/services/courses/collections.py index 73855956..e19ef879 100644 --- a/apps/api/src/services/courses/collections.py +++ b/apps/api/src/services/courses/collections.py @@ -17,13 +17,6 @@ from src.db.collections_courses import CollectionCourse from src.db.courses import Course from src.services.users.users import PublicUser from fastapi import HTTPException, status, Request -from typing import List -from fastapi import HTTPException, Request -from sqlmodel import Session, select -from src.db.collections import Collection -from src.db.courses import Course -from src.db.collections_courses import CollectionCourse -from src.services.users.users import PublicUser #################################################### diff --git a/apps/api/src/services/courses/courses.py b/apps/api/src/services/courses/courses.py index 19c8e63e..6f7fd613 100644 --- a/apps/api/src/services/courses/courses.py +++ b/apps/api/src/services/courses/courses.py @@ -1,19 +1,10 @@ -from calendar import c -import json -from queue import Full -import resource from typing import Literal from uuid import uuid4 from sqlmodel import Session, select -from src.db import chapters -from src.db.activities import Activity, ActivityRead -from src.db.chapter_activities import ChapterActivity -from src.db.chapters import Chapter, ChapterRead from src.db.organizations import Organization from src.db.trails import TrailRead from src.services.trail.trail import get_user_trail_with_orgid -from src import db from src.db.resource_authors import ResourceAuthor, ResourceAuthorshipEnum from src.db.users import PublicUser, AnonymousUser from src.db.courses import ( @@ -29,7 +20,7 @@ from src.security.rbac.rbac import ( authorization_verify_if_user_is_anon, ) from src.services.courses.thumbnails import upload_thumbnail -from fastapi import HTTPException, Request, status, UploadFile +from fastapi import HTTPException, Request, UploadFile from datetime import datetime @@ -267,7 +258,7 @@ async def get_courses_orgslug( statement_public = ( select(Course) .join(Organization) - .where(Organization.slug == org_slug, Course.public == True) + .where(Organization.slug == org_slug, Course.public is True) ) statement_all = ( select(Course).join(Organization).where(Organization.slug == org_slug) diff --git a/apps/api/src/services/roles/roles.py b/apps/api/src/services/roles/roles.py index 8eceda95..a5d46253 100644 --- a/apps/api/src/services/roles/roles.py +++ b/apps/api/src/services/roles/roles.py @@ -4,7 +4,6 @@ from sqlmodel import Session, select from src.security.rbac.rbac import ( authorization_verify_based_on_roles_and_authorship, authorization_verify_if_user_is_anon, - authorization_verify_if_user_is_author, ) from src.db.users import AnonymousUser, PublicUser from src.db.roles import Role, RoleCreate, RoleRead, RoleUpdate diff --git a/apps/api/src/services/users/users.py b/apps/api/src/services/users/users.py index 94fc594b..bc137af7 100644 --- a/apps/api/src/services/users/users.py +++ b/apps/api/src/services/users/users.py @@ -3,9 +3,7 @@ from typing import Literal from uuid import uuid4 from fastapi import HTTPException, Request, status from sqlmodel import Session, select -from src import db from src.security.rbac.rbac import ( - authorization_verify_based_on_roles, authorization_verify_based_on_roles_and_authorship, authorization_verify_if_user_is_anon, ) @@ -338,7 +336,7 @@ async def rbac_check( if current_user.id == 0: # if user is anonymous return True else: - res = await authorization_verify_based_on_roles_and_authorship( + await authorization_verify_based_on_roles_and_authorship( request, current_user.id, "create", "user_x", db_session )