[Plugin] auth_ldap, balance: Some minor reformatting

2021-01-18 18:31:13 +01:00 · 2021-01-18 18:31:13 +01:00 · d0db878a5c
parent 7ec37914a1
commit d0db878a5c
2 changed files with 5 additions and 7 deletions
--- a/flaschengeist/plugins/auth_ldap/init.py
+++ b/flaschengeist/plugins/auth_ldap/init.py
@ -157,6 +157,10 @@ class AuthLDAP(AuthPlugin):
            raise NotFound

    def set_avatar(self, user, avatar: _Avatar):
+        if self.admin_dn is None:
+            logger.error("admin_dn missing in ldap config!")
+            raise InternalServerError
+
        if avatar.mimetype != "image/jpeg":
            # Try converting using Pillow (if installed)
            try:
@ -174,9 +178,6 @@ class AuthLDAP(AuthPlugin):
                logger.debug(f"Could not convert avatar from '{avatar.mimetype}' to JPEG")
                raise BadRequest("Unsupported image format")

-        if self.admin_dn is None:
-            logger.error("admin_dn missing in ldap config!")
-            raise InternalServerError
        dn = user.get_attribute("DN")
        ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
        ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
--- a/flaschengeist/plugins/balance/init.py
+++ b/flaschengeist/plugins/balance/init.py
@ -63,7 +63,7 @@ def get_limit(userid, current_session: Session):


@balance_bp.route("/users/<userid>/balance/limit", methods=["PUT"])
-@login_required()
+@login_required(permissions.SET_LIMIT)
 def set_limit(userid, current_session: Session):
    """Set the limit of an user

@ -79,9 +79,6 @@ def set_limit(userid, current_session: Session):
        HTTP-200 or HTTP error
    """
    user = userController.get_user(userid)
-    if not current_session._user.has_permission(permissions.SET_LIMIT):
-        raise Forbidden
-
    data = request.get_json()
    try:
        limit = data["limit"]