Orgs: pillar admins can always edit an organization

2017-08-23 15:38:27 +02:00 · 2017-08-23 15:38:27 +02:00 · 64eab850c5
commit 64eab850c5
parent c6eebc4eae
1 changed files with 4 additions and 0 deletions
--- a/pillar/api/organizations/patch.py
+++ b/pillar/api/organizations/patch.py
@ -88,6 +88,10 @@ class OrganizationPatchHandler(patch_handler.AbstractPatchHandler):
    def _assert_is_admin(self, org_id):
        om = current_app.org_manager

+        if current_user().has_cap('admin'):
+            # Always allow admins to edit every organization.
+            return
+
        if not om.user_is_admin(org_id):
            log.warning('User %s uses PATCH to edit organization %s, '
                        'but is not admin of that Organization. Request denied.',