From 149ae4b71c5f0db21177658b5c3502b4b498a150 Mon Sep 17 00:00:00 2001
From: Lance Edgar <lance@edbob.org>
Date: Sun, 20 Sep 2020 16:32:44 -0500
Subject: [PATCH] Avoid unhelpful error when perm check happens for
 "re-created" DB user

kind of an edge case, should only apply to dev
---
 tailbone/auth.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tailbone/auth.py b/tailbone/auth.py
index 9db292ad..338fac55 100644
--- a/tailbone/auth.py
+++ b/tailbone/auth.py
@@ -2,7 +2,7 @@
 ################################################################################
 #
 #  Rattail -- Retail Software Framework
-#  Copyright © 2010-2017 Lance Edgar
+#  Copyright © 2010-2020 Lance Edgar
 #
 #  This file is part of Rattail.
 #
@@ -101,7 +101,10 @@ class TailboneAuthorizationPolicy(object):
                 if context.request.user and context.request.user.uuid == userid:
                     return context.request.has_perm(permission)
                 else:
-                    assert False # should no longer happen..right?
+                    # this is pretty rare, but can happen in dev after
+                    # re-creating the database, which means new user uuids.
+                    # TODO: the odds of this query returning a user in that
+                    # case, are probably nil, and we should just skip this bit?
                     user = Session.query(model.User).get(userid)
                     if user:
                         if has_permission(Session(), user, permission):