rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix permission checks for root user with pyramid 2.x

Browse source
This commit is contained in:
Lance Edgar 2024-04-19 22:27:30 -05:00
parent 8781e34c98
commit d6fa83cd87
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tailbone/auth.py
View file

@ -209,6 +209,10 @@ class TailboneSecurityPolicy:
return self.session_helper.forget(request, **kw) return self.session_helper.forget(request, **kw)
def permits(self, request, context, permission): def permits(self, request, context, permission):
# nb. root user can do anything
if request.is_root:
return True
config = request.registry.settings.get('rattail_config') config = request.registry.settings.get('rattail_config')
app = config.get_app() app = config.get_app()
auth = app.get_auth_handler() auth = app.get_auth_handler()