Short-circuit check_permissions() when logged in as CLI user

The CLI user should just be able to do anything.
2018-03-27 17:42:12 +02:00
parent 218c3f0dca
commit 540dd28861
1 changed files with 6 additions and 0 deletions
--- a/pillar/api/utils/authorization.py
+++ b/pillar/api/utils/authorization.py
@@ -27,6 +27,12 @@ def check_permissions(collection_name, resource, method, append_allowed_methods=
    :param check_node_type: node type to check. Only valid when collection_name='projects'.
    :type check_node_type: str
    """
+    from pillar.auth import get_current_user
+    from .authentication import CLI_USER
+
+    if get_current_user() is CLI_USER:
+        log.debug('Short-circuiting check_permissions() for CLI user')
+        return

    if not has_permissions(collection_name, resource, method, append_allowed_methods,
                           check_node_type):