archive/attract
0
0
Fork 0
Code Issues 7 Pull Requests Projects Releases Wiki Activity

Prevent 403 when user doesn't have access enough to fetch project users.

Browse Source
This commit is contained in:
Sybren A. Stüvel
2016-10-11 14:15:04 +02:00
parent eafcacde36
commit cabac18f33
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
attract/tasks/routes.py
View File

@@ -5,6 +5,7 @@ import flask
import flask_login import flask_login
import pillarsdk import pillarsdk
import pillarsdk.exceptions as sdk_exceptions
from pillar.web.system_util import pillar_api from pillar.web.system_util import pillar_api
import pillar.api.utils import pillar.api.utils
@@ -60,8 +61,11 @@ def view_task(project, attract_props, task_id):
task = pillarsdk.Node.find(task_id, api=api) task = pillarsdk.Node.find(task_id, api=api)
node_type = project.get_node_type(node_type_task['name']) node_type = project.get_node_type(node_type_task['name'])
# Fetch project users so that we can assign them tasks # Fetch project users so that we can assign them tasks
try:
users = project.get_users(api=api) users = project.get_users(api=api)
project.users = users['_items'] project.users = users['_items']
except sdk_exceptions.ForbiddenAccess:
project.users = []
return render_template('attract/tasks/view_task_embed.html', return render_template('attract/tasks/view_task_embed.html',
task=task, task=task,