From e3d17e567741b341be01f27512b53ff0da13db83 Mon Sep 17 00:00:00 2001 From: Valentin Deniaud Date: Wed, 24 Apr 2019 11:41:33 +0200 Subject: [PATCH] utils: add is_staff check to user_has_role --- mellon/utils.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mellon/utils.py b/mellon/utils.py index 754f071..1b025cc 100644 --- a/mellon/utils.py +++ b/mellon/utils.py @@ -295,9 +295,13 @@ def has_superuser_flag(idp, saml_attributes): def user_has_role(request, role_id): + if request.user.is_staff and request.session.get('is_staff'): + return True try: group = request.user.groups.get(id=role_id) except Group.DoesNotExist: + if request.user.is_staff: + raise RoleNotInSession(request.session.get('auth_level', 1) + 1) return False role = getattr(group, 'role') if not role: -- 2.20.1