rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix authorization policy bug.

Browse source 
This was really an edge case, but in any event the problem would occur when a
user was logged in, and then that user account was deleted.
This commit is contained in:
Lance Edgar 2013-09-06 04:12:21 -07:00
parent 9a956e66f5
commit 0d0445592e
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tailbone/auth.py
View file

@ -42,8 +42,8 @@ class TailboneAuthorizationPolicy(object):
for userid in principals: for userid in principals:
if userid not in (Everyone, Authenticated): if userid not in (Everyone, Authenticated):
user = Session.query(User).get(userid) user = Session.query(User).get(userid)
assert user if user:
return has_permission(Session(), user, permission) return has_permission(Session(), user, permission)
if Everyone in principals: if Everyone in principals:
return has_permission(Session(), None, permission) return has_permission(Session(), None, permission)
return False return False