From cd00a2fccb8af79e7517d8a1ccfea1116427b1ea Mon Sep 17 00:00:00 2001 From: bloodearnest Date: Thu, 6 Feb 2025 16:09:59 +0000 Subject: [PATCH] Actually implement staff field in Level4AuthenticatedUser This existed, and had some test set up, but was not actually set. We're about to store user data in a persistant way in airlock, so it would be good to have this for that purpose. --- jobserver/api/releases.py | 10 ++++++++-- tests/unit/jobserver/api/test_releases.py | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/jobserver/api/releases.py b/jobserver/api/releases.py index 036c0b5fe..9f286ece1 100644 --- a/jobserver/api/releases.py +++ b/jobserver/api/releases.py @@ -28,7 +28,13 @@ from interactive.slacks import notify_report_uploaded from jobserver import releases, slacks from jobserver.api.authentication import get_backend_from_token -from jobserver.authorization import OutputChecker, has_permission, has_role, permissions +from jobserver.authorization import ( + OutputChecker, + StaffAreaAdministrator, + has_permission, + has_role, + permissions, +) from jobserver.commands import users from jobserver.models import ( Project, @@ -621,7 +627,7 @@ def build_level4_user(user): # list the explicit workspaces that the user has this permission # for. output_checker=has_role(user, OutputChecker), - staff=False, + staff=has_role(user, StaffAreaAdministrator), ) ) assert level4_user.is_valid(), level4_user.errors diff --git a/tests/unit/jobserver/api/test_releases.py b/tests/unit/jobserver/api/test_releases.py index dd023ce0c..40c823643 100644 --- a/tests/unit/jobserver/api/test_releases.py +++ b/tests/unit/jobserver/api/test_releases.py @@ -1813,7 +1813,7 @@ def test_level4tokenauthenticationapi_success_privileged( }, # should not include workspace3 "copiloted_workspaces": {}, "output_checker": True, - "staff": False, + "staff": True, }