Use redis role cache when validating access to form resources

python-discord · Jul 28, 2024 · df05afa · df05afa
1 parent dd28ea2
commit df05afa
Showing 1 changed file with 6 additions and 7 deletions.
diff --git a/backend/discord.py b/backend/discord.py
@@ -151,15 +151,14 @@ async def _verify_access_helper(
         return
 
     form = models.Form(**form)
+    role_id_lookup = {role.id: role for role in await get_roles()}
 
-    for role_id in getattr(form, attribute, None) or []:
-        role = await request.state.db.roles.find_one({"id": role_id})
-        if not role:
-            continue
-
-        role = models.DiscordRole(**json.loads(role["data"]))
+    for role_name_or_id in getattr(form, attribute, None) or []:
+        if role_name_or_id in request.auth.scopes:
+            return
 
-        if role.name in request.auth.scopes:
+        role = role_id_lookup.get(role_name_or_id)
+        if role and role.name in request.auth.scopes:
             return
 
     raise UnauthorizedError(status_code=401)