Don't do DB query to inspect current user.

This is especially important for IP ranges on Organizations, which can change user roles on the fly in memory.
2018-01-24 14:57:30 +01:00
parent ca393af1b3
commit 13dc6fea8e
1 changed files with 2 additions and 2 deletions
--- a/attract/auth.py
+++ b/attract/auth.py
@@ -33,9 +33,9 @@ class Auth(object):
    def current_user_is_attract_user(self) -> bool:
        """Returns True iff the current user has Attract User role."""

-        from pillar.api.utils.authentication import current_user_id
+        from pillar.auth import current_user

-        return self.user_is_attract_user(current_user_id())
+        return current_user.has_cap('attract-use')

    def user_is_attract_user(self, user_id: bson.ObjectId) -> bool:
        """Returns True iff the user has Attract User role."""