notification: fix patron profile URL

Closes rero#2282. Co-Authored-by: Renaud Michotte <renaud.michotte@gmail.com>
zannkukai · Aug 19, 2021 · 898d81e · 898d81e
1 parent 718b6eb
commit 898d81e
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 10 deletions.
diff --git a/rero_ils/modules/decorators.py b/rero_ils/modules/decorators.py
@@ -19,7 +19,7 @@
 
 from functools import wraps
 
-from flask import jsonify
+from flask import abort, jsonify, redirect
 from flask_login import current_user
 
 from rero_ils.permissions import login_and_librarian, login_and_patron
@@ -41,13 +41,18 @@ def wrapper(*args, **kwargs):
 def check_logged_as_patron(fn):
     """Decorator to check if the current logged user is logged as patron.
 
-    If no user is connected: return 401 (unauthorized)
+    If no user is connected: redirect the user to sign-in page
     If current logged user isn't `patron`: return 403 (forbidden)
     """
     @wraps(fn)
     def wrapper(*args, **kwargs):
-        login_and_patron()
-        return fn(*args, **kwargs)
+        status, code, redirect_url = login_and_patron()
+        if status:
+            return fn(*args, **kwargs)
+        elif redirect_url:
+            return redirect(redirect_url)
+        else:
+            abort(code)
     return wrapper
 
 

diff --git a/rero_ils/modules/notifications/api.py b/rero_ils/modules/notifications/api.py
@@ -189,10 +189,9 @@ def replace_pids_and_refs(self):
             base_url = current_app.config.get('RERO_ILS_APP_URL')
             profile_url = f'{base_url}/{view_code}/patrons/profile'
             data['loan']['profile_url'] = profile_url
-
             return data
         except Exception as error:
-            raise(error)
+            raise error
 
     def init_loan(self):
         """Set loan of the notification."""

diff --git a/rero_ils/permissions.py b/rero_ils/permissions.py
@@ -19,7 +19,7 @@
 
 from functools import wraps
 
-from flask import abort, current_app, redirect, url_for
+from flask import abort, current_app, redirect, request, url_for
 from flask_login import current_user
 from flask_principal import RoleNeed
 from flask_security import login_required, roles_required
@@ -64,11 +64,19 @@ def login_and_librarian():
 
 
 def login_and_patron():
-    """Patron is logged in."""
+    """Patron is logged in.
+
+    :return a tuple with 3 values:
+      * bool: check if the user is connected and has a patron role.
+      * int: the http return code (200, 401, 403).
+      * string: the redirect url to use (optional).
+    """
     if current_user and not current_user.is_authenticated:
-        abort(401)
+        redirect_url = url_for('security.login', next=request.path)
+        return False, 401, redirect_url
     if len(current_patrons) == 0:
-        abort(403)
+        return False, 403, None
+    return True, 200, None
 
 
 def can_access_professional_view(func):