check device approval elsewhere

2022-04-05 01:52:58 +00:00 · 2022-04-05 01:52:58 +00:00 · f2948a7b64
commit f2948a7b64
parent 143e9a9fa9
1 changed files with 8 additions and 6 deletions
--- a/api/kiwi_vpn_api/db/user.py
+++ b/api/kiwi_vpn_api/db/user.py
@ -282,22 +282,24 @@ class User(UserBase, table=True):
        # deny be default
        return False

-    def can_issue(self, device: Device) -> bool:
+    @property
+    def can_issue(self) -> bool:
        """
        Check if this user can issue a certificate without approval.
        """

        return (
-            device.approved in (None, False)
-            and (self.is_admin or self.has_tag(TagValue.issue))
+            self.is_admin
+            or self.has_tag(TagValue.issue)
        )

-    def can_renew(self, device: Device) -> bool:
+    @property
+    def can_renew(self) -> bool:
        """
        Check if this user can renew a certificate without approval.
        """

        return (
-            device.approved is True
-            and (self.is_admin or self.has_tag(TagValue.renew))
+            self.is_admin
+            or self.has_tag(TagValue.renew)
        )