pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Authorize user in Workspaces.get

Browse Source
This commit is contained in:
richard-dds
2018-08-21 10:36:22 -04:00
parent ee17ca6633
commit 7d165e45d3
3 changed files with 23 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
atst/domain/workspaces.py
View File

@@ -1,7 +1,7 @@
from sqlalchemy.orm.exc import NoResultFound
from atst.database import db
from atst.domain.exceptions import NotFoundError
from atst.domain.exceptions import NotFoundError, UnauthorizedError
from atst.models.workspace import Workspace
from atst.models.workspace_role import WorkspaceRole
from atst.domain.roles import Roles
@@ -27,12 +27,15 @@ class Workspaces(object):
return workspace
@classmethod
def get(cls, workspace_id):
def get(cls, user, workspace_id):
try:
workspace = db.session.query(Workspace).filter_by(id=workspace_id).one()
except NoResultFound:
raise NotFoundError("workspace")
if user not in workspace.users:
raise UnauthorizedError(user, "get workspace")
return workspace
@classmethod