From 9abd831014377a4789681d5e51454ddb10baa8c0 Mon Sep 17 00:00:00 2001 From: Big-Lolo <95545807+Big-Lolo@users.noreply.github.com> Date: Mon, 4 Nov 2024 00:57:07 +0100 Subject: [PATCH] Refactor authorization checks in EventService to use UserType.LLEIDAHACKER --- src/impl/Event/service.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/impl/Event/service.py b/src/impl/Event/service.py index 08fed96..05d49c6 100644 --- a/src/impl/Event/service.py +++ b/src/impl/Event/service.py @@ -617,7 +617,7 @@ def accept_hacker(self, event_id: int, hacker_id: int, data: BaseToken): @BaseService.needs_service(HackerService) def unaccept_hacker(self, event_id: int, hacker_id: int, data: BaseToken): - if not data.is_admin: + if not data.check([UserType.LLEIDAHACKER]): raise AuthenticationException("Not authorized") event = self.get_by_id(event_id) if event.archived: @@ -634,7 +634,7 @@ def unaccept_hacker(self, event_id: int, hacker_id: int, data: BaseToken): @BaseService.needs_service('HackerGroupService') def reject_group(self, event_id: int, group_id, data: BaseToken): - if not data.is_admin: + if not data.check([UserType.LLEIDAHACKER]): raise AuthenticationException("Not authorized") event = self.get_by_id(event_id) if event.archived: @@ -654,7 +654,7 @@ def reject_group(self, event_id: int, group_id, data: BaseToken): @BaseService.needs_service(HackerService) def reject_hacker(self, event_id: int, hacker_id: int, data: BaseToken): - if not data.is_admin: + if not data.check([UserType.LLEIDAHACKER]): raise AuthenticationException("Not authorized") event = self.get_by_id(event_id) if event.archived: @@ -665,7 +665,7 @@ def reject_hacker(self, event_id: int, hacker_id: int, data: BaseToken): raise InvalidDataException("Hacker not registered") if hacker in event.accepted_hackers: raise InvalidDataException("Hacker already accepted") - event.rejected_hackers.remove(hacker) + event.rejected_hackers.append(hacker) db.session.commit() db.session.refresh(event) db.session.refresh(hacker)