def wrapper(*args, **kwargs): if is_admin_context(args[0]): return f(*args, **kwargs) elif is_project_admin_context(args[0]): return f(*args, **kwargs) else: raise exceptions.AdminRequired()
def wrapper(*args, **kwargs): # NOTE(thomasem): Standard order of arguments for generic resources # methods is (context, resources, ...), so args[0] is always # context and args[1] is always resources. context = args[0] resources = args[1] permissions = { CRUD.CREATE: { 'projects': is_project_admin_context(context), }, CRUD.READ: { 'projects': is_project_admin_context(context), }, CRUD.UPDATE: { 'projects': is_project_admin_context(context), }, CRUD.DELETE: { 'projects': is_project_admin_context(context), } } # NOTE(thomasem): Default to True unless otherwise specified in # permissions dict. if permissions[action].get(resources, True): return fn(*args, **kwargs) else: raise exceptions.AdminRequired()
def test_users_get_no_admin_fails(self, mock_user): mock_user.side_effect = exceptions.AdminRequired() resp = self.get('v1/users') self.assertEqual(resp.status_code, 401)
def wrapper(*args, **kwargs): if not is_admin_context(args[0]): raise exceptions.AdminRequired() return f(*args, **kwargs)