From 70bb4fa4b0036b54e20825f8a9711998fb526d13 Mon Sep 17 00:00:00 2001
From: Alexander Kaschta <alexander.kaschta9@kit.edu>
Date: Fri, 14 Mar 2025 23:12:27 +0100
Subject: [PATCH] FIX: Perform requests as logged in user

---
 api/bcd_request.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/api/bcd_request.py b/api/bcd_request.py
index d42ddaf..c2a7f8d 100644
--- a/api/bcd_request.py
+++ b/api/bcd_request.py
@@ -16,7 +16,7 @@ js_mods = ['bcdrequest']
 
 @router.post('')
 async def handle_request(bcd_request: BCDRequestModel, token: APIToken = Depends(check_auth), conn=Depends(get_conn)):
-    Mgr.check_token(conn, token)
+    user = Mgr.check_token(conn, token)
 
     ou_request = execute_wapi_function(conn, [
         {"idx": "own_mgr2ou_list", "name": "cntl.mgr2ou.list", "old": {"is_own": True}},
@@ -29,7 +29,8 @@ async def handle_request(bcd_request: BCDRequestModel, token: APIToken = Depends
         {"name": "dns.fqdn2ou.list", "inner_join_ref": {"unit_list_superset": "default"}, "idx": "fqdn2ou_list"},
         {"name": "nd.bcd2ou.list", "inner_join_ref": {"unit_list_superset": "default"}, "idx": "bcd2ou_list"},
         {"name": "nd.bcd.list", "inner_join_ref": {"bcd2ou_list": "default"}, "idx": "bcd_list"},
-        {"name": "org.unit_type.list", "inner_join_ref": {"unit_list": "default"}, "idx": "unit_type_list"}])
+        {"name": "org.unit_type.list", "inner_join_ref": {"unit_list": "default"}, "idx": "unit_type_list"}],
+                                       user=user.login_name)
 
     ous = [item["short_name"] for item in ou_request["unit_list"]]
 
@@ -59,7 +60,8 @@ async def handle_request(bcd_request: BCDRequestModel, token: APIToken = Depends
         {"idx": "recursive_mgr2ou_list", "name": "cntl.mgr2ou.list", "inner_join_ref": {"parent_ous": "default"}},
         {"idx": "recursive_mgr_list", "name": "cntl.mgr.list", "inner_join_ref": {"recursive_mgr2ou_list": "default"}},
         {"idx": "recursive_bcd_list", "name": "nd.bcd.list", "inner_join_ref": {"recursive_bcd2ou_list": "default"}},
-        {"name": "org.unit_type.list", "inner_join_ref": {"current_ou": "default"}, "idx": "unit_type_list"}])
+        {"name": "org.unit_type.list", "inner_join_ref": {"current_ou": "default"}, "idx": "unit_type_list"}],
+                                          user=user.login_name)
 
     groups = [item["name"] for item in group_request["group_list"]]
 
@@ -77,7 +79,6 @@ async def handle_request(bcd_request: BCDRequestModel, token: APIToken = Depends
 
 
 def validate_bcd_request(bcd_request: BCDRequestModel) -> bool:
-
     if (bcd_request.protection_requirement == BCDProtectionRequirements.SPECIAL and
             bcd_request.protection_requirement_note is None):
         raise HTTPException(
-- 
GitLab