add an extra condition in verify_object_pemission

author Tony Mack <tmack@cs.princeton.edu>

Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)

committer Tony Mack <tmack@cs.princeton.edu>

Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)
author Tony Mack <tmack@cs.princeton.edu>
Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)
committer Tony Mack <tmack@cs.princeton.edu>
Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)
diff --git a/geni/util/auth.py b/geni/util/auth.py

index f190432..723a8b1 100644 (file)
--- a/geni/util/auth.py
+++ b/geni/util/auth.py
@@ -12,6 +12,7 @@ from geni.util.hierarchy import Hierarchy
  from geni.util.rights import RightList
  from geni.util.genitable import *
  from geni.util.config import *
+from geni.util.misc import *
  
  class Auth:
      """
@@ -140,6 +141,9 @@ class Auth:
              return
          if name.startswith(object_hrn + "."):
              return
+        if name.startswith(get_authority(name)):
+            return
+    
          raise PermissionError(name)
  
      def determine_user_rights(self, src_cred, record):
author	Tony Mack <tmack@cs.princeton.edu>
	Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)
committer	Tony Mack <tmack@cs.princeton.edu>
	Mon, 15 Jun 2009 21:49:58 +0000 (21:49 +0000)