Allow any admins to perform actions on packages

This prevents from the situation, when tenant is no longer exist
and there is no way to delete an application

Change-Id: I1539d0331634e8c665ff056f1bfde4de47880985
Closes-Bug: #1436618
This commit is contained in:
Ekaterina Chernova 2015-04-08 12:42:20 +03:00
parent 5542f47b61
commit 57b303cf53

View File

@ -81,6 +81,7 @@ def package_get(package_id_or_name, context):
"""
session = db_session.get_session()
package = _package_get(package_id_or_name, session)
if not context.is_admin:
_authorize_package(package, context, allow_public=True)
return package
@ -233,6 +234,7 @@ def package_update(pkg_id_or_name, changes, context):
session = db_session.get_session()
with session.begin():
pkg = _package_get(pkg_id_or_name, session)
if not context.is_admin:
_authorize_package(pkg, context)
for change in changes:
@ -374,7 +376,10 @@ def package_delete(package_id_or_name, context):
with session.begin():
package = _package_get(package_id_or_name, session)
_authorize_package(package, context)
if not context.is_admin and package.owner_id != context.tenant:
raise exc.HTTPForbidden(
explanation='Package is not owned by the'
' tenant "{0}"'.format(context.tenant))
session.delete(package)