From b3d54b7620e499e667ea385dcc1eb4383ad156e9 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 29 Mar 2021 17:33:55 +0200 Subject: [PATCH] api: cleanup args for @permission_required Signed-off-by: Jens Langhammer --- authentik/api/decorators.py | 11 +++++++---- authentik/core/api/users.py | 2 +- authentik/crypto/api.py | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/authentik/api/decorators.py b/authentik/api/decorators.py index 539553dad..00a53ed0f 100644 --- a/authentik/api/decorators.py +++ b/authentik/api/decorators.py @@ -7,7 +7,9 @@ from rest_framework.response import Response from rest_framework.viewsets import ModelViewSet -def permission_required(perm: Optional[str] = None, *other_perms: str): +def permission_required( + perm: Optional[str] = None, other_perms: Optional[list[str]] = None +): """Check permissions for a single custom action""" def wrapper_outter(func: Callable): @@ -19,9 +21,10 @@ def permission_required(perm: Optional[str] = None, *other_perms: str): obj = self.get_object() if not request.user.has_perm(perm, obj): return self.permission_denied(request) - for other_perm in other_perms: - if not request.user.has_perm(other_perm): - return self.permission_denied(request) + if other_perms: + for other_perm in other_perms: + if not request.user.has_perm(other_perm): + return self.permission_denied(request) return func(self, request, *args, **kwargs) return wrapper diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index 2c9e0adcd..f36d852a0 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -131,7 +131,7 @@ class UserViewSet(ModelViewSet): serializer.is_valid() return Response(serializer.data) - @permission_required("authentik_core.view_user", "authentik_events.view_event") + @permission_required("authentik_core.view_user", ["authentik_events.view_event"]) @swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)}) @action(detail=False) def metrics(self, request: Request) -> Response: diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index eaba2075b..237548a6a 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -113,7 +113,7 @@ class CertificateKeyPairViewSet(ModelViewSet): queryset = CertificateKeyPair.objects.all() serializer_class = CertificateKeyPairSerializer - @permission_required(None, "authentik_crypto.add_certificatekeypair") + @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) @swagger_auto_schema( request_body=CertificateGenerationSerializer(), responses={200: CertificateKeyPairSerializer},