From 4307d54505ea56b5776bb2ce47643aad2848123f Mon Sep 17 00:00:00 2001
From: Simon Pirkelmann
Date: Mon, 23 Aug 2021 21:06:18 +0200
Subject: [PATCH] check Keyholder status of users
---
 imaginaerraum_door_admin/webapp.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/imaginaerraum_door_admin/webapp.py b/imaginaerraum_door_admin/webapp.py
index 1e74892..418824e 100644
--- a/imaginaerraum_door_admin/webapp.py
+++ b/imaginaerraum_door_admin/webapp.py
@@ -207,18 +207,19 @@ def create_application(config):
 new_user_data['password'] = hash_password(password)
 new_user_data['roles'] = []
 lock_permission = con.search('ou=Users,dc=imaginaerraum,dc=de',
- f'(&(uid={username})(memberof=cn=Members,ou=Groups,dc=imaginaerraum,dc=de))',
+ f'(&(uid={username})(memberof=cn=Keyholders,ou=Groups,dc=imaginaerraum,dc=de))',
 attributes=ldap3.ALL_ATTRIBUTES)
+ authorized = True
 if lock_permission:
 new_user_data['email'] = con.entries[0].mail.value
 else:
- new_user_data['email'] = None
+ authorized = False
 token_granting_permission = con.search('ou=Users,dc=imaginaerraum,dc=de', f'(&(uid={username})(memberof=cn=Vorstand,ou=Groups,dc=imaginaerraum,dc=de))')
 if token_granting_permission:
 new_user_data['roles'].append('admin')
- return True, new_user_data
+ return authorized, new_user_data
 class ExtendedLoginForm(LoginForm):
 email = StringField('Benutzername oder E-Mail', [Required()])
@@ -677,8 +678,9 @@ def create_application(config):
 @app.route('/open')
 @auth_required()
 def open_door():
+
 try:
- door.open_door()
+ door.open_door(user=current_user.username)
 logger.info(f"Door opened by admin user {current_user.username}")
 except Exception as e:
 flash(f'Could not open door. Exception: {e}')
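Review bot: The Keyholders filter on the changed `con.search` line in the first hunk interpolates `username` into the LDAP filter unescaped, and its result now decides `authorized`; the Vorstand filter a few lines below, which grants the `admin` role, is built the same way. Filter metacharacters in the login name would change what the search matches, so escape it once with `from ldap3.utils.conv import escape_filter_chars` and `safe_uid = escape_filter_chars(username)`, and use `safe_uid` in both filters, unless `username` is already validated above the hunk, which is not visible here. Separately, the `else:` branch no longer sets `new_user_data['email']`, and `admin` is still appended when `authorized` is False, so the caller has to discard `new_user_data` on a False result. The enclosing function starts above the hunk.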
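Review bot: `open_door` is registered with `@app.route('/open')` and no `methods=` argument, so this state-changing action answers GET and is exposed to cross-site request forgery unless that is handled elsewhere. With the new `user=current_user.username` argument, such a request would also be recorded under the logged-in user's name. Consider `@app.route('/open', methods=['POST'])` behind the application's CSRF-protected form handling; `close_door` in the next hunk presumably has the same shape, though its route line is outside that hunk. The log text still says "admin user" although access is now keyed to Keyholders, and the added blank line before `try:` looks unintentional. open_door's body continues past the hunk.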
@@ -689,7 +691,7 @@ def create_application(config):
 @auth_required()
 def close_door():
 try:
- door.close_door()
+ door.close_door(user=current_user.username)
 logger.info(f"Door closed by admin user {current_user.username}")
 except Exception as e:
 flash(f'Could not close door. Exception: {e}')
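Review bot: The `except Exception` handler around the changed call flashes the raw exception text to the browser (`flash(f'Could not close door. Exception: {e}')`), and the new `user=` keyword may make that path more likely to fire. The patch touches only webapp.py, so if `door.close_door` does not yet accept `user`, every call would raise TypeError and be reported as a door failure. Log the detail server-side with `logger.exception("close_door failed")` and flash a generic message instead; the same applies to `open_door` in the previous hunk. close_door's body continues past the hunk.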