Added User and No access roles in DB

- TODO: add update db script to add missing roles
2022-05-27 21:26:32 +02:00 · 2022-05-27 21:26:32 +02:00 · c153b04c62
commit c153b04c62
parent 19802f56eb
1 changed files with 9 additions and 6 deletions
--- a/web/login/login.py
+++ b/web/login/login.py
@ -256,16 +256,19 @@ def consent():
    # Default access level
    roles = []
    if app_obj:
-        role_objects = (
+        role_object = (
            db.session.query(AppRole)
            .filter(AppRole.app_id == app_obj.id)
            .filter(AppRole.user_id == user.uuid)
+            .first()
        )
-        for role_obj in role_objects:
-            app_role = RoleService.get_role_by_id(role_obj.role_id)
-            if (app_role is None):
-                roles.append('user')
-                continue
+        print(role_object)
+        if role_object is None or role_object.role_id is None:
+            # If there is no role in app_roles or the role_id for an app is null user has no permissions
+            # TODO: how to handle if the user has no access for an app?
+            current_app.logger.error(f"User has no access for: {app_obj.name}")
+        app_role = RoleService.get_role_by_id(role_object.role_id)
+        if (app_role is not None):
            roles.append(app_role.name)

    current_app.logger.info(f"Using '{roles}' when applying consent for {kratos_id}")