From 2b919f8be9f0b1fa7016424900f4c4a2b2c51f6d Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Thu, 29 Oct 2009 18:38:20 +0000 Subject: [PATCH] argumnets for auth.determine_user_rights has changed. Pass the callers hrn instead of credential (hrn may come from the credential if get_credential() is called, or certificate.get_subject() if get_self_credential is called --- sfa/methods/get_credential.py | 3 ++- sfa/methods/get_self_credential.py | 7 ++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/sfa/methods/get_credential.py b/sfa/methods/get_credential.py index 6835708f..1212dc2b 100644 --- a/sfa/methods/get_credential.py +++ b/sfa/methods/get_credential.py @@ -56,7 +56,8 @@ class get_credential(Method): # (researchers, pis, etc) be filled in self.api.fill_record_info(record) - rights = self.api.auth.determine_user_rights(self.api.auth.client_cred, record) + caller_hrn = self.api.auth.cleint_cred.get_gid_caller().get_hrn() + rights = self.api.auth.determine_user_rights(caller_hrn, record) if rights.is_empty(): raise PermissionError(self.api.auth.client_cred.get_gid_object().get_hrn() + " has no rights to " + record['name']) diff --git a/sfa/methods/get_self_credential.py b/sfa/methods/get_self_credential.py index b4f3b6fa..8859082a 100644 --- a/sfa/methods/get_self_credential.py +++ b/sfa/methods/get_self_credential.py @@ -77,10 +77,11 @@ class get_self_credential(Method): if not certificate.is_pubkey(gid.get_pubkey()): raise ConnectionKeyGIDMismatch(gid.get_subject()) - # get the right of this record - rights = self.api.auth.determine_user_rights(None, record) + # get the right of this record + caller_hrn = certificate.get_subject() + rights = self.api.auth.determine_user_rights(caller_hrn, record) if rights.is_empty(): - raise PermissionError(gid.get_hrn() + " has no rights to " + record.get_name()) + raise PermissionError(caller_hrn + " has no rights to " + record.get_name()) # create the credential gid = record.get_gid_object() -- 2.43.0