Skip to content

Commit

Permalink
Check access before validation
Browse files Browse the repository at this point in the history
  • Loading branch information
toavina committed Jan 31, 2025
1 parent cc928c2 commit 0d9a5b7
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions ckanext/fjelltopp_security/actions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ def secure_user_create(context, data_dict):
"""
Custom user create action that extends CKAN's default user_create.
"""
toolkit.check_access('user_create', context, data_dict)
validate_no_external_images(data_dict)
return core_user_create(context, data_dict)

Expand All @@ -44,6 +45,7 @@ def secure_group_update(context, data_dict):
Custom group update action that extends CKAN's default group_update.
Validates that no external images are used in the group.
"""
toolkit.check_access('user_create', context, data_dict)
validate_no_external_images(data_dict)
return core_group_update(context, data_dict)

Expand All @@ -53,6 +55,7 @@ def secure_group_create(context, data_dict):
Custom group create action that extends CKAN's default group_create.
Validates that no external images are used in the group.
"""
toolkit.check_access('user_create', context, data_dict)
validate_no_external_images(data_dict)
return core_group_create(context, data_dict)

Expand All @@ -62,6 +65,7 @@ def secure_organization_update(context, data_dict):
Custom organization update action that extends CKAN's default organization_update.
Validates that no external images are used in the organization.
"""
toolkit.check_access('user_create', context, data_dict)
validate_no_external_images(data_dict)
return core_organization_update(context, data_dict)

Expand All @@ -71,5 +75,6 @@ def secure_organization_create(context, data_dict):
Custom organization create action that extends CKAN's default organization_create.
Validates that no external images are used in the organization.
"""
toolkit.check_access('user_create', context, data_dict)
validate_no_external_images(data_dict)
return core_organization_create(context, data_dict)

0 comments on commit 0d9a5b7

Please sign in to comment.