admin guard

2022-11-08 16:30:59 +01:00 · 2022-11-08 16:30:59 +01:00 · 755a443c96
commit 755a443c96
parent 9ca056376c
2 changed files with 5 additions and 5 deletions
--- a/backend/areas/users/users.py
+++ b/backend/areas/users/users.py
@ -14,7 +14,7 @@ from .lit_user_service import UserService
@api_v1.route("/users", methods=["GET"])
@jwt_required()
@cross_origin()
-@admin_required()
+# @admin_required() TODO: not needed as authentik checks permissions?
 def get_users():
    return  jsonify(UserService.get_users())

--- a/backend/helpers/auth_guard.py
+++ b/backend/helpers/auth_guard.py
@ -11,10 +11,10 @@ def admin_required():
        @wraps(fn)
        def decorator(*args, **kwargs):
            verify_jwt_in_request()
-            # claims = get_jwt()
-            # user_id = claims["user_id"]
-            is_admin = True #  RoleService.is_user_admin(user_id)
-            # TODO: actually check if admin
+            claims = get_jwt()
+
+            user_id = claims["user_id"]
+            is_admin = RoleService.is_user_admin(user_id)
            if is_admin:
                return fn(*args, **kwargs)
            else: