Don't bug out if can't update roles for user

based on perms, or missing data field
This commit is contained in:
Lance Edgar 2019-10-24 12:25:59 -05:00
parent 39b1a78b89
commit 6536926f3c

View file

@ -290,6 +290,11 @@ class UsersView(PrincipalMasterView):
return user return user
def update_roles(self, user, data): def update_roles(self, user, data):
if not self.has_perm('edit_roles'):
return
if 'roles' not in data:
return
old_roles = set([r.uuid for r in user.roles]) old_roles = set([r.uuid for r in user.roles])
new_roles = data['roles'] new_roles = data['roles']
admin = administrator_role(self.Session()) admin = administrator_role(self.Session())