remove unused function

- add check if editing user is admin for role editing
2022-07-11 21:55:31 +02:00 · 2022-07-11 21:55:31 +02:00 · 8bcccf417d
commit 8bcccf417d
parent 5b55c4498b
2 changed files with 5 additions and 32 deletions
--- a/areas/users/user_service.py
+++ b/areas/users/user_service.py
@ -42,42 +42,14 @@ class UserService:
        return UserService.get_user(res["id"])

    @staticmethod
-    def put_user(id, data):
+    def put_user(id, user_editing_id, data):
        kratos_data = {
            "schema_id": "default",
            "traits": {"email": data["email"], "name": data["name"]},
        }
        KratosApi.put("/admin/identities/{}".format(id), kratos_data)

-        if data["app_roles"]:
-            app_roles = data["app_roles"]
-            for ar in app_roles:
-                app = App.query.filter_by(slug=ar["name"]).first()
-                app_role = AppRole.query.filter_by(user_id=id, app_id=app.id).first()
-
-                if app_role:
-                    app_role.role_id = ar["role_id"] if "role_id" in ar else None
-                    db.session.commit()
-                else:
-                    appRole = AppRole(
-                        user_id=id,
-                        role_id=ar["role_id"] if "role_id" in ar else None,
-                        app_id=app.id,
-                    )
-                    db.session.add(appRole)
-                    db.session.commit()
-
-        return UserService.get_user(id)
-
-    @staticmethod
-    def put_personal_info(id, data):
-        kratos_data = {
-            "schema_id": "default",
-            "traits": {"email": data["email"], "name": data["name"]},
-        }
-        KratosApi.put("/admin/identities/{}".format(id), kratos_data)
-
-        is_admin = RoleService.is_user_admin(id)
+        is_admin = RoleService.is_user_admin(user_editing_id)

        if is_admin and data["app_roles"]:
            app_roles = data["app_roles"]
--- a/areas/users/users.py
+++ b/areas/users/users.py
@ -47,7 +47,8 @@ def post_user():
@admin_required()
 def put_user(id):
    data = request.get_json()
-    res = UserService.put_user(id, data)
+    user_id = __get_user_id_from_jwt()
+    res = UserService.put_user(id, user_id, data)
    return jsonify(res)


@ -79,7 +80,7 @@ def get_personal_info():
 def update_personal_info():
    data = request.get_json()
    user_id = __get_user_id_from_jwt()
-    res = UserService.put_user(user_id, data)
+    res = UserService.put_user(user_id, user_id, data)
    return jsonify(res)