Allow any admins to perform actions on packages
This prevents from the situation, when tenant is no longer exist and there is no way to delete an application Change-Id: I1539d0331634e8c665ff056f1bfde4de47880985 Closes-Bug: #1436618
This commit is contained in:
parent
5542f47b61
commit
57b303cf53
@ -81,7 +81,8 @@ def package_get(package_id_or_name, context):
|
||||
"""
|
||||
session = db_session.get_session()
|
||||
package = _package_get(package_id_or_name, session)
|
||||
_authorize_package(package, context, allow_public=True)
|
||||
if not context.is_admin:
|
||||
_authorize_package(package, context, allow_public=True)
|
||||
return package
|
||||
|
||||
|
||||
@ -233,7 +234,8 @@ def package_update(pkg_id_or_name, changes, context):
|
||||
session = db_session.get_session()
|
||||
with session.begin():
|
||||
pkg = _package_get(pkg_id_or_name, session)
|
||||
_authorize_package(pkg, context)
|
||||
if not context.is_admin:
|
||||
_authorize_package(pkg, context)
|
||||
|
||||
for change in changes:
|
||||
pkg = operation_methods[change['op']](pkg, change)
|
||||
@ -374,7 +376,10 @@ def package_delete(package_id_or_name, context):
|
||||
|
||||
with session.begin():
|
||||
package = _package_get(package_id_or_name, session)
|
||||
_authorize_package(package, context)
|
||||
if not context.is_admin and package.owner_id != context.tenant:
|
||||
raise exc.HTTPForbidden(
|
||||
explanation='Package is not owned by the'
|
||||
' tenant "{0}"'.format(context.tenant))
|
||||
session.delete(package)
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user