Fix authorization policy bug.
This was really an edge case, but in any event the problem would occur when a user was logged in, and then that user account was deleted.
This commit is contained in:
parent
9a956e66f5
commit
0d0445592e
|
@ -42,7 +42,7 @@ class TailboneAuthorizationPolicy(object):
|
||||||
for userid in principals:
|
for userid in principals:
|
||||||
if userid not in (Everyone, Authenticated):
|
if userid not in (Everyone, Authenticated):
|
||||||
user = Session.query(User).get(userid)
|
user = Session.query(User).get(userid)
|
||||||
assert user
|
if user:
|
||||||
return has_permission(Session(), user, permission)
|
return has_permission(Session(), user, permission)
|
||||||
if Everyone in principals:
|
if Everyone in principals:
|
||||||
return has_permission(Session(), None, permission)
|
return has_permission(Session(), None, permission)
|
||||||
|
|
Loading…
Reference in a new issue