# (researchers, pis, etc) be filled in
self.api.fill_record_info(record)
- rights = self.api.auth.determine_user_rights(self.api.auth.client_cred, record)
+ caller_hrn = self.api.auth.cleint_cred.get_gid_caller().get_hrn()
+ rights = self.api.auth.determine_user_rights(caller_hrn, record)
if rights.is_empty():
raise PermissionError(self.api.auth.client_cred.get_gid_object().get_hrn() + " has no rights to " + record['name'])
if not certificate.is_pubkey(gid.get_pubkey()):
raise ConnectionKeyGIDMismatch(gid.get_subject())
- # get the right of this record
- rights = self.api.auth.determine_user_rights(None, record)
+ # get the right of this record
+ caller_hrn = certificate.get_subject()
+ rights = self.api.auth.determine_user_rights(caller_hrn, record)
if rights.is_empty():
- raise PermissionError(gid.get_hrn() + " has no rights to " + record.get_name())
+ raise PermissionError(caller_hrn + " has no rights to " + record.get_name())
# create the credential
gid = record.get_gid_object()