Changing the order of firm and user validation
This commit is contained in:
@@ -18,41 +18,53 @@ class Registry:
|
||||
|
||||
self.current_firm = CurrentFirm.get_current(self.db)
|
||||
|
||||
async def set_user(self, user):
|
||||
def check_user(self, user):
|
||||
for firm in user.firms:
|
||||
if firm.instance == self.instance and firm.firm == self.firm:
|
||||
partner = await Partner.get_by_user_id(self.db, user.id)
|
||||
partner_entity = await Entity.get(self.db, partner.entity_id)
|
||||
self.user = user
|
||||
self.partner = partner_entity
|
||||
self.db.partner = partner_entity
|
||||
return
|
||||
return True
|
||||
raise PermissionError
|
||||
|
||||
async def set_user(self, user):
|
||||
self.check_user(user)
|
||||
|
||||
partner = await Partner.get_by_user_id(self.db, user.id)
|
||||
partner_entity = await Entity.get(self.db, partner.entity_id)
|
||||
self.user = user
|
||||
self.partner = partner_entity
|
||||
self.db.partner = partner_entity
|
||||
return
|
||||
|
||||
raise PermissionError
|
||||
|
||||
async def get_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client)) -> Registry:
|
||||
registry = Registry(db_client, instance, firm)
|
||||
if await registry.current_firm is None:
|
||||
raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first")
|
||||
raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
|
||||
|
||||
return registry
|
||||
|
||||
async def get_authed_tenant_registry(registry=Depends(get_tenant_registry), user=Depends(get_current_user)) -> Registry:
|
||||
async def get_authed_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
|
||||
registry = Registry(db_client, instance, firm)
|
||||
try:
|
||||
await registry.set_user(user)
|
||||
registry.check_user(user)
|
||||
except PermissionError:
|
||||
raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
|
||||
|
||||
if await registry.current_firm is None:
|
||||
raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first")
|
||||
|
||||
await registry.set_user(user)
|
||||
return registry
|
||||
|
||||
async def get_uninitialized_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
|
||||
registry = Registry(db_client, instance, firm)
|
||||
if await registry.current_firm is not None:
|
||||
raise HTTPException(status_code=409, detail="Firm configuration already exists")
|
||||
|
||||
try:
|
||||
await registry.set_user(user)
|
||||
registry.check_user(user)
|
||||
except PermissionError:
|
||||
raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
|
||||
|
||||
if await registry.current_firm is not None:
|
||||
raise HTTPException(status_code=409, detail="Firm configuration already exists")
|
||||
|
||||
await registry.set_user(user)
|
||||
return registry
|
||||
|
||||
Reference in New Issue
Block a user