ewandor/roleplay-contract
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Changing the order of firm and user validation

Browse Source
This commit is contained in:
ewandor
2025-05-06 21:07:25 +02:00
parent 2fed7fa4e7
commit 5080e5fdde
1 changed files with 26 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
api/rpk-api/firm/core/depends.py
View File

@@ -18,41 +18,53 @@ class Registry:
self.current_firm = CurrentFirm.get_current(self.db) self.current_firm = CurrentFirm.get_current(self.db)
async def set_user(self, user): def check_user(self, user):
for firm in user.firms: for firm in user.firms:
if firm.instance == self.instance and firm.firm == self.firm: if firm.instance == self.instance and firm.firm == self.firm:
partner = await Partner.get_by_user_id(self.db, user.id) return True
partner_entity = await Entity.get(self.db, partner.entity_id) raise PermissionError
self.user = user
self.partner = partner_entity async def set_user(self, user):
self.db.partner = partner_entity self.check_user(user)
return
partner = await Partner.get_by_user_id(self.db, user.id)
partner_entity = await Entity.get(self.db, partner.entity_id)
self.user = user
self.partner = partner_entity
self.db.partner = partner_entity
return
raise PermissionError raise PermissionError
async def get_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client)) -> Registry: async def get_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client)) -> Registry:
registry = Registry(db_client, instance, firm) registry = Registry(db_client, instance, firm)
if await registry.current_firm is None: if await registry.current_firm is None:
raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first") raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
return registry return registry
async def get_authed_tenant_registry(registry=Depends(get_tenant_registry), user=Depends(get_current_user)) -> Registry: async def get_authed_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
registry = Registry(db_client, instance, firm)
try: try:
await registry.set_user(user) registry.check_user(user)
except PermissionError: except PermissionError:
raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.") raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
if await registry.current_firm is None:
raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first")
await registry.set_user(user)
return registry return registry
async def get_uninitialized_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry: async def get_uninitialized_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
registry = Registry(db_client, instance, firm) registry = Registry(db_client, instance, firm)
if await registry.current_firm is not None:
raise HTTPException(status_code=409, detail="Firm configuration already exists")
try: try:
await registry.set_user(user) registry.check_user(user)
except PermissionError: except PermissionError:
raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.") raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
if await registry.current_firm is not None:
raise HTTPException(status_code=409, detail="Firm configuration already exists")
await registry.set_user(user)
return registry return registry