Show only roles that the user is a member of, in list view, for other views show all roles such that certificates and authorities can be shared across teams/groups. (#446)

This commit is contained in:
kevgliss 2016-10-11 17:56:38 -07:00 committed by GitHub
parent c05a49f8c9
commit ee028382df
2 changed files with 7 additions and 2 deletions

View File

@ -7,7 +7,7 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
from flask import Blueprint
from flask import Blueprint, g
from flask import make_response, jsonify
from flask.ext.restful import reqparse, Api
@ -83,6 +83,8 @@ class RolesList(AuthenticatedResource):
parser.add_argument('id', type=str, location='args')
args = parser.parse_args()
if not g.current_user.is_admin:
args['user_id'] = g.current_user.id
return service.render(args)
@admin_permission.require(http_exception=403)

View File

@ -91,6 +91,7 @@ def test_role_put_with_data_and_user(client, session):
from lemur.auth.service import create_token
user = UserFactory()
role = RoleFactory(users=[user])
role1 = RoleFactory()
user1 = UserFactory()
session.commit()
@ -101,13 +102,15 @@ def test_role_put_with_data_and_user(client, session):
data = {
'users': [
{'id': user1.id}
{'id': user1.id},
{'id': user.id}
],
'id': role.id,
'name': role.name
}
assert client.put(api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=headers).status_code == 200
assert client.get(api.url_for(RolesList), data={}, headers=headers).json['total'] == 1
@pytest.mark.parametrize("token,status", [