Show only roles that the user is a member of, in list view, for other views show all roles such that certificates and authorities can be shared across teams/groups. (#446)

2016-10-11 17:56:38 -07:00
parent c05a49f8c9
commit ee028382df
2 changed files with 7 additions and 2 deletions
--- a/lemur/roles/views.py
+++ b/lemur/roles/views.py
@@ -7,7 +7,7 @@
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>

 """
-from flask import Blueprint
+from flask import Blueprint, g
 from flask import make_response, jsonify
 from flask.ext.restful import reqparse, Api

@@ -83,6 +83,8 @@ class RolesList(AuthenticatedResource):
        parser.add_argument('id', type=str, location='args')

        args = parser.parse_args()
+        if not g.current_user.is_admin:
+            args['user_id'] = g.current_user.id
        return service.render(args)

    @admin_permission.require(http_exception=403)