Fix authorization function so that it extracts user_record from update

2020-04-20 18:20:44 +02:00 · 2020-04-20 18:20:44 +02:00 · 41bc5b68a4
commit 41bc5b68a4
parent 91ab00eec6
2 changed files with 11 additions and 1 deletions
--- a/davtelepot/init.py
+++ b/davtelepot/init.py
@ -14,7 +14,7 @@ __author__ = "Davide Testa"
 __email__ = "davide@davte.it"
 __credits__ = ["Marco Origlia", "Nick Lee @Nickoala"]
 __license__ = "GNU General Public License v3.0"
-__version__ = "2.4.19"
+__version__ = "2.4.20"
 __maintainer__ = "Davide Testa"
 __contact__ = "t.me/davte"

--- a/davtelepot/authorization.py
+++ b/davtelepot/authorization.py
@ -235,6 +235,16 @@ def get_authorization_function(bot):

    def is_authorized(update, user_record=None, authorization_level=2):
        """Return True if user role is at least at `authorization_level`."""
+        if user_record is None:
+            if (
+                    isinstance(update, dict)
+                    and 'from' in update
+                    and isinstance(update['from'], dict)
+                    and 'id' in update['from']
+            ):
+                user_record = bot.db['users'].find_one(
+                    telegram_id=update['from']['id']
+                )
        user_role = bot.Role.get_user_role(user_record=user_record)
        if user_role.code == 0:
            return False