fix(audit): allow company MANAGER to view own audit dashboards

Previously only SUPERADMIN could access audit pages (SEO, GBP,
Social Media, IT). Now MANAGER+ of a company can view audits for
their own company. Route-level can_edit_company() check still
restricts to own company only.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Maciej Pienczyn 2026-03-19 17:24:36 +01:00
parent 42284d1bb6
commit 419392b167

@ -19,11 +19,16 @@ from flask import abort, flash, redirect, url_for, request
from flask_login import current_user from flask_login import current_user
def is_audit_owner(): def is_audit_owner():
"""True for SUPERADMIN users — full access to audits and technical panels.""" """True for SUPERADMIN or company MANAGER+ — can view audits.
SUPERADMIN sees all audits. MANAGER sees only own company (enforced in routes via can_edit_company).
"""
if not current_user.is_authenticated: if not current_user.is_authenticated:
return False return False
from database import SystemRole from database import SystemRole
return current_user.has_role(SystemRole.SUPERADMIN) if current_user.has_role(SystemRole.SUPERADMIN):
return True
# MANAGER of any company can access audit dashboards (route-level check restricts to own company)
return current_user.can_edit_company()
# Import role enums (lazy import to avoid circular dependencies) # Import role enums (lazy import to avoid circular dependencies)
def _get_system_role(): def _get_system_role():