Handle exception when users are not allowed to update nodes_latest
When editing a node, the user should not be required to have PUT permission on the project the node belongs to. The function project_update_nodes_list should not be called within edit, but should rather be implemented as hook for specific cases only.
This commit is contained in:
parent
ac9aa59924
commit
7d5785da62
@ -424,7 +424,12 @@ def edit(node_id):
|
|||||||
if node_type.name == 'post':
|
if node_type.name == 'post':
|
||||||
project_update_nodes_list(node, project_id=project._id, list_name='blog')
|
project_update_nodes_list(node, project_id=project._id, list_name='blog')
|
||||||
else:
|
else:
|
||||||
project_update_nodes_list(node, project_id=project._id)
|
try:
|
||||||
|
project_update_nodes_list(node, project_id=project._id)
|
||||||
|
except ForbiddenAccess:
|
||||||
|
# TODO (fsiddi): Implement this as a blender-cloud-only hook
|
||||||
|
log.debug('User %s not allowed to update latest_nodes in %s' %
|
||||||
|
(user_id, project._id))
|
||||||
return redirect(url_for('nodes.view', node_id=node_id, embed=1,
|
return redirect(url_for('nodes.view', node_id=node_id, embed=1,
|
||||||
_external=True,
|
_external=True,
|
||||||
_scheme=current_app.config['SCHEME']))
|
_scheme=current_app.config['SCHEME']))
|
||||||
|
Loading…
x
Reference in New Issue
Block a user