This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit e0ee0fd97f37bbf506ce3812310c762260b4ca60
Author: Dave Brondsema <dbronds...@slashdotmedia.com>
AuthorDate: Wed Apr 3 11:06:22 2024 -0400
[#8556] avoid recursive TruthyCallable
---
Allura/allura/lib/security.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/Allura/allura/lib/security.py b/Allura/allura/lib/security.py
index e73f6ad2b..8f59a4ba8 100644
--- a/Allura/allura/lib/security.py
+++ b/Allura/allura/lib/security.py
@@ -305,7 +305,7 @@ def debug_obj(obj) -> str:
return str(obj)
-def has_access(obj, permission: str, user: M.User | None = None, project:
M.Project | None = None):
+def has_access(obj, permission: str, user: M.User | None = None, project:
M.Project | None = None) -> TruthyCallable:
'''Return whether the given user has the permission name on the given
object.
- First, all the roles for a user in the given project context are
computed.
@@ -348,7 +348,7 @@ def has_access(obj, permission: str, user: M.User | None =
None, project: M.Proj
DEBUG = False
- def predicate(obj=obj, user=user, project=project, roles=None):
+ def predicate(obj=obj, user=user, project=project, roles=None) -> bool:
if obj is None:
if DEBUG:
log.debug(f'{user} denied {permission} on {debug_obj(obj)}
({debug_obj(project)})')
@@ -404,6 +404,7 @@ def has_access(obj, permission: str, user: M.User | None =
None, project: M.Proj
result = has_access(project, 'admin', user=user)()
else:
result = False
+ result = bool(result)
if DEBUG:
log.debug(f"{user.username} '{permission}' {result} from parent(s)
on {debug_obj(obj)} ({debug_obj(project)})")
return result
