From 086281f1a2756b3d296caeb5f74387992aaec244 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Stucke?= Date: Wed, 19 Mar 2025 14:17:14 +0100 Subject: [PATCH] fix: fix for redirect loop in case of user w/o roles --- src/web_interface/components/miscellaneous_routes.py | 2 +- src/web_interface/security/decorator.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/web_interface/components/miscellaneous_routes.py b/src/web_interface/components/miscellaneous_routes.py index cffa21b08..e1dc0d2df 100644 --- a/src/web_interface/components/miscellaneous_routes.py +++ b/src/web_interface/components/miscellaneous_routes.py @@ -25,7 +25,7 @@ def __init__(self, *args, **kwargs): self.stats_updater = StatsUpdater(stats_db=self.db.stats_updater) @login_required - @roles_accepted(*PRIVILEGES['status']) + @roles_accepted(no_role_needed=True) @AppRoute('/', GET) def show_home(self): latest_count = config.frontend.number_of_latest_firmwares_to_display diff --git a/src/web_interface/security/decorator.py b/src/web_interface/security/decorator.py index 23eb51140..de6cd5e1b 100644 --- a/src/web_interface/security/decorator.py +++ b/src/web_interface/security/decorator.py @@ -5,11 +5,11 @@ import config -def roles_accepted(*roles): +def roles_accepted(*roles, no_role_needed: bool = False): def wrapper(fn): @wraps(fn) def decorated_view(*args, **kwargs): - if not config.frontend.authentication.enabled: + if not config.frontend.authentication.enabled or no_role_needed: return fn(*args, **kwargs) return original_decorator(*roles)(fn)(*args, **kwargs)