Check for capabilites instead of roles in allow_link

2018-03-14 22:04:57 +01:00 · 2018-03-14 22:04:57 +01:00 · 97091457a8
commit 97091457a8
parent 6f69fe5b8a
1 changed files with 1 additions and 5 deletions
--- a/pillar/web/nodes/routes.py
+++ b/pillar/web/nodes/routes.py
@ -126,11 +126,7 @@ def view(node_id, extra_template_args: dict=None):
        if node.permissions and node.permissions.world:
            return 'GET' in node.permissions.world

-        if current_user.is_authenticated:
-            allowed_roles = {'subscriber', 'demo', 'admin'}
-            return bool(allowed_roles.intersection(current_user.roles or ()))
-
-        return False
+        return current_user.has_cap('subscriber')

    link_allowed = allow_link()