archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Check for capabilites instead of roles in allow_link

Browse Source
This commit is contained in:
Francesco Siddi
2018-03-14 22:04:57 +01:00
parent 6f69fe5b8a
commit 97091457a8
1 changed files with 1 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pillar/web/nodes/routes.py
View File

@@ -126,11 +126,7 @@ def view(node_id, extra_template_args: dict=None):
if node.permissions and node.permissions.world: if node.permissions and node.permissions.world:
return 'GET' in node.permissions.world return 'GET' in node.permissions.world
if current_user.is_authenticated: return current_user.has_cap('subscriber')
allowed_roles = {'subscriber', 'demo', 'admin'}
return bool(allowed_roles.intersection(current_user.roles or ()))
return False
link_allowed = allow_link() link_allowed = allow_link()