Actually implement staff field in Level4AuthenticatedUser

This existed, and had some test set up, but was not actually set. We're about to store user data in a persistant way in airlock, so it would be good to have this for that purpose.
opensafely-core · Feb 6, 2025 · cd00a2f · cd00a2f
1 parent 10ea6cd
commit cd00a2f
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/jobserver/api/releases.py b/jobserver/api/releases.py
@@ -28,7 +28,13 @@
 from interactive.slacks import notify_report_uploaded
 from jobserver import releases, slacks
 from jobserver.api.authentication import get_backend_from_token
-from jobserver.authorization import OutputChecker, has_permission, has_role, permissions
+from jobserver.authorization import (
+    OutputChecker,
+    StaffAreaAdministrator,
+    has_permission,
+    has_role,
+    permissions,
+)
 from jobserver.commands import users
 from jobserver.models import (
     Project,
@@ -621,7 +627,7 @@ def build_level4_user(user):
             # list the explicit workspaces that the user has this permission
             # for.
             output_checker=has_role(user, OutputChecker),
-            staff=False,
+            staff=has_role(user, StaffAreaAdministrator),
         )
     )
     assert level4_user.is_valid(), level4_user.errors

diff --git a/tests/unit/jobserver/api/test_releases.py b/tests/unit/jobserver/api/test_releases.py
@@ -1813,7 +1813,7 @@ def test_level4tokenauthenticationapi_success_privileged(
         },  # should not include workspace3
         "copiloted_workspaces": {},
         "output_checker": True,
-        "staff": False,
+        "staff": True,
     }