From de46dfc4a2282fadb0ecb713df034d5ebf08c10a Mon Sep 17 00:00:00 2001
From: Lance Edgar <ledgar@techsupport.coop>
Date: Thu, 29 Aug 2019 19:42:01 -0500
Subject: [PATCH] Return current user permissions when session is checked via
 API

---
 tailbone/api/auth.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tailbone/api/auth.py b/tailbone/api/auth.py
index ea1a4c8f..d85f2fb1 100644
--- a/tailbone/api/auth.py
+++ b/tailbone/api/auth.py
@@ -53,9 +53,12 @@ class AuthenticationView(APIView):
         This will establish a server-side web session for the user if none
         exists.  Note that this also resets the user's session timer.
         """
+        data = {'ok': True}
         if self.request.user:
-            return self.user_info(self.request.user)
-        return {}
+            data = self.user_info(self.request.user)
+            data['user']['is_root'] = self.request.is_root
+        data['permissions'] = list(self.request.tailbone_cached_permissions)
+        return data
 
     @api
     def login(self):