From ee3a0ff2b5bb56d04f07aeaec096ea6d0d1bd18d Mon Sep 17 00:00:00 2001
From: Renaud Michotte <renaud.michotte@gmail.com>
Date: Tue, 17 Aug 2021 10:47:18 +0200
Subject: [PATCH] notification: fix patron profile URL

Closes rero/rero-ils#2282.

Co-Authored-by: Renaud Michotte <renaud.michotte@gmail.com>
---
 rero_ils/modules/decorators.py        | 13 +++++++++----
 rero_ils/modules/notifications/api.py |  4 ++--
 rero_ils/permissions.py               | 15 ++++++++++++---
 3 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/rero_ils/modules/decorators.py b/rero_ils/modules/decorators.py
index c64e7eb4e1..7a7aa5f1eb 100644
--- a/rero_ils/modules/decorators.py
+++ b/rero_ils/modules/decorators.py
@@ -19,7 +19,7 @@
 
 from functools import wraps
 
-from flask import jsonify
+from flask import abort, jsonify, redirect
 from flask_login import current_user
 
 from rero_ils.permissions import login_and_librarian, login_and_patron
@@ -41,13 +41,18 @@ def wrapper(*args, **kwargs):
 def check_logged_as_patron(fn):
     """Decorator to check if the current logged user is logged as patron.
 
-    If no user is connected: return 401 (unauthorized)
+    If no user is connected: redirect the user to sign-in page
     If current logged user isn't `patron`: return 403 (forbidden)
     """
     @wraps(fn)
     def wrapper(*args, **kwargs):
-        login_and_patron()
-        return fn(*args, **kwargs)
+        status, code, redirect_url = login_and_patron()
+        if status:
+            return fn(*args, **kwargs)
+        elif redirect_url:
+            return redirect(redirect_url)
+        else:
+            abort(code)
     return wrapper
 
 
diff --git a/rero_ils/modules/notifications/api.py b/rero_ils/modules/notifications/api.py
index 01b05564ee..ce56aa39d2 100644
--- a/rero_ils/modules/notifications/api.py
+++ b/rero_ils/modules/notifications/api.py
@@ -20,6 +20,7 @@
 
 from __future__ import absolute_import, print_function
 
+import urllib.parse
 from copy import deepcopy
 from datetime import datetime, timedelta, timezone
 from functools import partial
@@ -189,10 +190,9 @@ def replace_pids_and_refs(self):
             base_url = current_app.config.get('RERO_ILS_APP_URL')
             profile_url = f'{base_url}/{view_code}/patrons/profile'
             data['loan']['profile_url'] = profile_url
-
             return data
         except Exception as error:
-            raise(error)
+            raise error
 
     def init_loan(self):
         """Set loan of the notification."""
diff --git a/rero_ils/permissions.py b/rero_ils/permissions.py
index b41b39956e..793066f707 100644
--- a/rero_ils/permissions.py
+++ b/rero_ils/permissions.py
@@ -20,6 +20,7 @@
 from functools import wraps
 
 from flask import abort, current_app, redirect, url_for
+from flask import request as flask_request
 from flask_login import current_user
 from flask_principal import RoleNeed
 from flask_security import login_required, roles_required
@@ -64,11 +65,19 @@ def login_and_librarian():
 
 
 def login_and_patron():
-    """Patron is logged in."""
+    """Patron is logged in.
+
+    :return a tuple with 3 values:
+      * bool: check if the user is connected and has a patron role.
+      * int: the http return code (200, 401, 403).
+      * string: the redirect url to use (optional).
+    """
     if current_user and not current_user.is_authenticated:
-        abort(401)
+        redirect_url = url_for('security.login', next=flask_request.url_rule)
+        return False, 401, redirect_url
     if len(current_patrons) == 0:
-        abort(403)
+        return False, 403, None
+    return True, 200, None
 
 
 def can_access_professional_view(func):