Use existing code

cthit · Nov 12, 2024 · 0f25cb8 · 0f25cb8
1 parent 2f322db
commit 0f25cb8
Showing 1 changed file with 2 additions and 10 deletions.
diff --git a/app/src/main/java/it/chalmers/gamma/app/authentication/UserAccessGuard.java b/app/src/main/java/it/chalmers/gamma/app/authentication/UserAccessGuard.java
@@ -61,14 +61,6 @@ public boolean isAdmin() {
     return false;
   }
 
-  public boolean isApi(ApiKeyType apiKeyType) {
-      if (AuthenticationExtractor.getAuthentication() instanceof ApiAuthentication apiPrincipal) {
-        return apiPrincipal.get().keyType() == apiKeyType;
-      }
-
-      return false;
-  }
-
   public boolean haveAccessToUser(UserId userId, boolean userLocked) {
     if (SecurityContextHolder.getContext().getAuthentication() == null
         || !SecurityContextHolder.getContext().getAuthentication().isAuthenticated()) {
@@ -83,10 +75,10 @@ public boolean haveAccessToUser(UserId userId, boolean userLocked) {
     /*
      * If the user is locked then nothing should be returned
      * unless if and only if the signed-in user is an admin,
-     * or if we are using an API key of type ACCOUNT_SCAFFOLD.
+     * or if we are using an API with extended access.
      */
     if (userLocked) {
-      return isAdmin() || isApi(ApiKeyType.ACCOUNT_SCAFFOLD);
+      return isAdmin() || isApiKeyWithExtendedAccess();
     }
 
     // If one user is trying to access another user, then approve