release v0.12.5

fix: permission for ip
release v0.12.3
2025-12-23 13:31:58 +00:00 · 2024-07-29 09:46:39 +02:00 · 2024-07-29 09:36:36 +02:00 · 2024-07-25 23:04:28 +02:00 · 2024-07-25 23:04:01 +02:00
4 changed files with 22 additions and 14 deletions
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -8,6 +8,16 @@
 Changes
 =======

+Version v0.12.5 (release 2024-07-29)
+
+- fix: permission for ip
+
+
+Version v0.12.3 (release 2024-07-25)
+
+- fix(tugraz_authenticated): missmatch of role name
+
+
 Version v0.12.2 (release 2024-07-19)

 - setup: introduce ruff
--- a/invenio_config_tugraz/init.py
+++ b/invenio_config_tugraz/init.py
@@ -11,7 +11,7 @@
 from .ext import InvenioConfigTugraz
 from .utils import get_identity_from_user_by_email

-__version__ = "0.12.2"
+__version__ = "0.12.5"

 __all__ = (
    "__version__",
--- a/invenio_config_tugraz/permissions/generators.py
+++ b/invenio_config_tugraz/permissions/generators.py
@@ -65,12 +65,11 @@ class RecordSingleIP(Generator):
        if record is None:
            return []

-        # if record does not have singleip - return any_user
-        if not record.get("custom_fields", {}).get("single_ip", False):
-            return [any_user]
-
        # if record has singleip, and the ip of the user matches the allowed ip
-        if self.check_permission():
+        if (
+            record.get("custom_fields", {}).get("single_ip", False)
+            and self.check_permission()
+        ):
            return [any_user]

        # non of the above - return empty
@@ -138,12 +137,11 @@ class AllowedFromIPNetwork(Generator):
        if record is None:
            return []

-        # if the record doesn't have set the ip range allowance
-        if not record.get("custom_fields", {}).get("ip_network", False):
-            return [any_user]
-
        # if the record has set the ip_range allowance and is in the range
-        if self.check_permission():
+        if (
+            record.get("custom_fields", {}).get("ip_network", False)
+            and self.check_permission()
+        ):
            return [any_user]

        # non of the above - return empty
--- a/invenio_config_tugraz/permissions/roles.py
+++ b/invenio_config_tugraz/permissions/roles.py
@@ -9,13 +9,13 @@
 """`RoleNeed`s for permission policies.

 To use these roles, add them to the database via:
-    `$ invenio roles create tugraz_authenticated_user --description "..."`
+    `$ invenio roles create tugraz_authenticated --description "..."`
 then add roles to users via:
-    `$ invenio roles add user@email.com tugraz_authenticated_user`
+    `$ invenio roles add user@email.com tugraz_authenticated`
 """

 from flask_principal import RoleNeed

 # using `flask_principal.RoleNeed`` instead of `invenio_access.SystemRoleNeed`,
 # because these roles are assigned by an admin rather than automatically by the system
-tugraz_authenticated_user = RoleNeed("tugraz_authenticated_user")
+tugraz_authenticated_user = RoleNeed("tugraz_authenticated")
Author	SHA1	Message	Date
Christoph Ladurner	04ca3f5661	release v0.12.5	2024-07-29 09:46:39 +02:00
Christoph Ladurner	5d84b08e26	fix: permission for ip	2024-07-29 09:36:36 +02:00
Christoph Ladurner	5e4fcca0ed	release v0.12.3	2024-07-25 23:04:28 +02:00
Christoph Ladurner	c934a4952b	fix(tugraz_authenticated): missmatch of role name	2024-07-25 23:04:01 +02:00