From 5d84b08e2698c260c429a33ac709691b95df7c03 Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Mon, 29 Jul 2024 09:20:37 +0200
Subject: [PATCH] fix: permission for ip

---
 .../permissions/generators.py                  | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/invenio_config_tugraz/permissions/generators.py b/invenio_config_tugraz/permissions/generators.py
index 6990d3a..669a1b5 100644
--- a/invenio_config_tugraz/permissions/generators.py
+++ b/invenio_config_tugraz/permissions/generators.py
@@ -65,12 +65,11 @@ def needs(self, record: dict | None = None, **__: dict) -> list[Need]:
         if record is None:
             return []
 
-        # if record does not have singleip - return any_user
-        if not record.get("custom_fields", {}).get("single_ip", False):
-            return [any_user]
-
         # if record has singleip, and the ip of the user matches the allowed ip
-        if self.check_permission():
+        if (
+            record.get("custom_fields", {}).get("single_ip", False)
+            and self.check_permission()
+        ):
             return [any_user]
 
         # non of the above - return empty
@@ -138,12 +137,11 @@ def needs(self, record: dict | None = None, **__: dict) -> list[Need]:
         if record is None:
             return []
 
-        # if the record doesn't have set the ip range allowance
-        if not record.get("custom_fields", {}).get("ip_network", False):
-            return [any_user]
-
         # if the record has set the ip_range allowance and is in the range
-        if self.check_permission():
+        if (
+            record.get("custom_fields", {}).get("ip_network", False)
+            and self.check_permission()
+        ):
             return [any_user]
 
         # non of the above - return empty