93c5636f9c
This patch adds checks to make sure that the project_id of the token matches the project_id that owns the Order. Currently, having a role on any project will allow the request to be processed, which results in a 404 - Not Found instead of 401 - Forbidden. Change-Id: Ie0e6f6edae40e47d45afbe92fd509032cb091b1a (cherry picked from commit |
||
---|---|---|
.. | ||
controllers | ||
middleware | ||
__init__.py | ||
app.py | ||
app.wsgi | ||
hooks.py |