From b9364f0e3d2968b593780ee9ef5e7173ce26afd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Madis=20M=C3=A4gi?= Date: Wed, 28 Aug 2024 11:22:33 +0300 Subject: [PATCH] Fix group none error --- inventory-app/inventory.py | 4 ++-- inventory-app/oidc.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/inventory-app/inventory.py b/inventory-app/inventory.py index a21a94e..40c70ca 100644 --- a/inventory-app/inventory.py +++ b/inventory-app/inventory.py @@ -33,7 +33,7 @@ def view_inventory_view(item_id): template = "inventory_view_public.html" redirect_url = urllib.parse.quote_plus(request.full_path) else: - can_audit = "k-space:janitors" in user["groups"] + can_audit = "k-space:janitors" in user.get("groups", []) can_edit = check_edit_permission(item_id) is_using = item_user and item_user == user["username"] photo_url = get_image_url(item_id) @@ -411,7 +411,7 @@ def view_inventory(slug=None): else: fields.append(("inventory.owner.username", "Owner", str)) fields.append(("inventory.user.username", "User", str)) - can_audit = "k-space:janitors" in login_user["groups"] + can_audit = "k-space:janitors" in login_user.get("groups", []) if slug and not public_view: template = "inventory_pick.html" if request.path.startswith("/m/inventory/clone-with-slug"): diff --git a/inventory-app/oidc.py b/inventory-app/oidc.py index 7c03be0..d816e5d 100644 --- a/inventory-app/oidc.py +++ b/inventory-app/oidc.py @@ -21,7 +21,7 @@ def login_required(_f=None, *, groups=[]): user = read_user() if not user: return do_login() - if groups and not any(group in groups for group in user["groups"]): + if groups and not any(group in groups for group in user.get("groups", [])): return "not allowed", 401 return f(*args, **kwargs) return decorated_function