From df05afa14faf4c4a445f491c2bf9b34ca9cab7ab Mon Sep 17 00:00:00 2001
From: Chris Lovering <chris.lovering.95@gmail.com>
Date: Sun, 28 Jul 2024 17:37:39 +0100
Subject: Use redis role cache when validating access to form resources

---
 backend/discord.py | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/backend/discord.py b/backend/discord.py
index 4a1ecf5..68aa706 100644
--- a/backend/discord.py
+++ b/backend/discord.py
@@ -151,15 +151,14 @@ async def _verify_access_helper(
         return
 
     form = models.Form(**form)
+    role_id_lookup = {role.id: role for role in await get_roles()}
 
-    for role_id in getattr(form, attribute, None) or []:
-        role = await request.state.db.roles.find_one({"id": role_id})
-        if not role:
-            continue
-
-        role = models.DiscordRole(**json.loads(role["data"]))
+    for role_name_or_id in getattr(form, attribute, None) or []:
+        if role_name_or_id in request.auth.scopes:
+            return
 
-        if role.name in request.auth.scopes:
+        role = role_id_lookup.get(role_name_or_id)
+        if role and role.name in request.auth.scopes:
             return
 
     raise UnauthorizedError(status_code=401)
-- 
cgit v1.2.3