argumnets for auth.determine_user_rights has changed. Pass the callers hrn instead...

diff --git a/sfa/methods/get_credential.py b/sfa/methods/get_credential.py
index 6835708..1212dc2 100644 (file)
--- a/sfa/methods/get_credential.py
+++ b/sfa/methods/get_credential.py
@@ -56,7 +56,8 @@ class get_credential(Method):
         # (researchers, pis, etc) be filled in
         self.api.fill_record_info(record)
 
-        rights = self.api.auth.determine_user_rights(self.api.auth.client_cred, record)
+        caller_hrn = self.api.auth.cleint_cred.get_gid_caller().get_hrn()
+        rights = self.api.auth.determine_user_rights(caller_hrn, record)
         if rights.is_empty():
             raise PermissionError(self.api.auth.client_cred.get_gid_object().get_hrn() + " has no rights to " + record['name'])
 

diff --git a/sfa/methods/get_self_credential.py b/sfa/methods/get_self_credential.py
index b4f3b6f..8859082 100644 (file)
--- a/sfa/methods/get_self_credential.py
+++ b/sfa/methods/get_self_credential.py
@@ -77,10 +77,11 @@ class get_self_credential(Method):
         if not certificate.is_pubkey(gid.get_pubkey()):
             raise ConnectionKeyGIDMismatch(gid.get_subject())
 
-        # get the right of this record    
-        rights = self.api.auth.determine_user_rights(None, record)
+        # get the right of this record
+        caller_hrn = certificate.get_subject()    
+        rights = self.api.auth.determine_user_rights(caller_hrn, record)
         if rights.is_empty():
-            raise PermissionError(gid.get_hrn() + " has no rights to " + record.get_name())
+            raise PermissionError(caller_hrn + " has no rights to " + record.get_name())
 
         # create the credential
         gid = record.get_gid_object()