darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-01 15:46:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Cancel job if the service is inactive.

Browse Source 
Update the PermissionsDao.get_permissions_by_user_id to only return permissions for active services,
this will make the admin app return a 403 if someone (otherthan platform admin) tries to look at an inactive service.
Removed the active flag in sample_service the dao_create_service overiddes this attribute.
This commit is contained in:
Rebecca Law
2017-02-02 11:34:00 +00:00
parent dab89969cc
commit f56824adde
5 changed files with 56 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/dao/permissions_dao.py
View File

@@ -59,7 +59,8 @@ class PermissionDAO(DAOClass):
db.session.commit()
def get_permissions_by_user_id(self, user_id):
return self.Meta.model.query.filter_by(user_id=user_id).all()
return self.Meta.model.query.filter_by(user_id=user_id)\
.join(Permission.service).filter_by(active=True).all()
permission_dao = PermissionDAO()