archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Orgs: Use create-organization capability to control access

Browse Source 
This is more explicit and future-proof than checking for admin cap.
This commit is contained in:
Sybren A. Stüvel
2017-08-23 13:57:14 +02:00
parent 72404d0fd9
commit 40172bf8b5
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pillar/api/organizations/hooks.py
View File

@@ -18,7 +18,7 @@ def pre_get_organizations(request, lookup):
def pre_post_organizations(request): def pre_post_organizations(request):
user = current_user() user = current_user()
if user.is_anonymous or not user.has_cap('admin'): if not user.has_cap('create-organization'):
raise wz_exceptions.Forbidden() raise wz_exceptions.Forbidden()

2
pillar/config.py
View File

@@ -167,5 +167,5 @@ USER_CAPABILITIES = defaultdict(**{
'subscriber': {'subscriber', 'home-project'}, 'subscriber': {'subscriber', 'home-project'},
'demo': {'subscriber', 'home-project'}, 'demo': {'subscriber', 'home-project'},
'admin': {'subscriber', 'home-project', 'video-encoding', 'admin', 'admin': {'subscriber', 'home-project', 'video-encoding', 'admin',
'view-pending-nodes', 'edit-project-node-types'}, 'view-pending-nodes', 'edit-project-node-types', 'create-organization'},
}, default_factory=frozenset) }, default_factory=frozenset)