Clean up code

2020-03-17 14:20:06 +01:00 · 2020-03-17 14:20:06 +01:00 · 0e52ab6f49
parent 9617a1ee88
commit 0e52ab6f49
4 changed files with 13 additions and 15 deletions
--- a/client/src/layouts/PublicLayout.vue
+++ b/client/src/layouts/PublicLayout.vue
@ -26,15 +26,6 @@ import Logo from '@/components/icons/Logo';
  @import "@/styles/_mixins.scss";
  @import "@/styles/_default-layout.scss";

-  @mixin content-block {
-    padding-right: $medium-spacing;
-    padding-left: $medium-spacing;
-    max-width: 800px;
-    min-width: 320px;
-    width: 100%;
-    margin: 0 auto;
-  }
-
  .public {
    grid-template-areas: "h" "c" "f";

--- a/client/src/pages/email-verification.vue
+++ b/client/src/pages/email-verification.vue
@ -13,10 +13,6 @@
 import REGISTRATION_MUTATION from '@/graphql/gql/mutations/registration.gql';

 export default {
-  components: {},
-
-  methods: {
-  },

  data() {
    return {
--- a/client/src/styles/_mixins.scss
+++ b/client/src/styles/_mixins.scss
@ -165,3 +165,12 @@
@mixin popover-defaults() {
  bottom: $popover-default-bottom;
 }
+
+@mixin content-block {
+  padding-right: $medium-spacing;
+  padding-left: $medium-spacing;
+  max-width: 800px;
+  min-width: 320px;
+  width: 100%;
+  margin: 0 auto;
+}
--- a/server/core/utils.py
+++ b/server/core/utils.py
@ -25,6 +25,8 @@ def set_visible_for(block, visibility_list):


 def is_private_api_call_allowed(user, body):
+    # logged in users should only be able to access all resources if they have a valid license
+    # logged in users without valid license have only access to logout, me & coupon mutations

    body_unicode = body.decode('utf-8')

@ -34,14 +36,14 @@ def is_private_api_call_allowed(user, body):
    except AttributeError:
        return True

-    # logged in users should only be able to access all resources if the have a valid license
-    # logged in users without valid license have only access to logout, me & coupon mutations
+    # logout, me and coupon resources are always allowed. Even if the user has no valid license
    if re.search(r"mutation\s*.*\s*logout\s*{", body_unicode) or re.search(r"query\s*.*\s*me\s*{", body_unicode)\
        or re.search(r"mutation\s*Coupon", body_unicode):
        return True

    license_expiry = user.license_expiry_date

+    # all other resources are denied if the license is not valid
    if license_expiry is None or license_expiry < timezone.now():
        return False