Allow CCPO to create TO on anyone's portfolio

2019-01-23 13:27:04 -05:00 · 2019-01-23 13:27:04 -05:00 · c6062c0418
commit c6062c0418
parent 37f8f41be9
1 changed files with 3 additions and 1 deletions
--- a/atst/domain/authz.py
+++ b/atst/domain/authz.py
@ -6,7 +6,9 @@ from atst.domain.exceptions import UnauthorizedError
 class Authorization(object):
    @classmethod
    def has_portfolio_permission(cls, user, portfolio, permission):
-        return permission in PortfolioRoles.portfolio_role_permissions(portfolio, user)
+        return permission in PortfolioRoles.portfolio_role_permissions(
+            portfolio, user
+        ) or Authorization.is_ccpo(user)

    @classmethod
    def has_atat_permission(cls, user, permission):