def test_is_site_admin():
jwt = JWTUser(
id=0,
impersonator=0,
type="users",
groups=[JWTGroup(id="admin", name="admin", role=RoleType.ADMIN)],
)
assert jwt.is_site_admin()
assert not JWTUser(
id=0,
impersonator=0,
type="users",
).is_site_admin()
def check_permission(user: JWTUser, study: Study,
permission: StudyPermissionType) -> bool:
if user.is_site_admin():
return True
if study.owner is not None and user.impersonator == study.owner.id:
return True
study_group_id = [g.id for g in study.groups]
group_permission = any(
role in permission_matrix[permission]["roles"] # type: ignore
for role in [
group.role for group in (user.groups or [])
if group.id in study_group_id
])
if group_permission:
return True
return study.public_mode in permission_matrix[permission][
"public_modes"] # type: ignore