summaryrefslogtreecommitdiff
path: root/opendc-web/opendc-web-api/opendc/models/portfolio.py
diff options
context:
space:
mode:
Diffstat (limited to 'opendc-web/opendc-web-api/opendc/models/portfolio.py')
-rw-r--r--opendc-web/opendc-web-api/opendc/models/portfolio.py17
1 files changed, 6 insertions, 11 deletions
diff --git a/opendc-web/opendc-web-api/opendc/models/portfolio.py b/opendc-web/opendc-web-api/opendc/models/portfolio.py
index 32961b63..8e3f2a52 100644
--- a/opendc-web/opendc-web-api/opendc/models/portfolio.py
+++ b/opendc-web/opendc-web-api/opendc/models/portfolio.py
@@ -1,7 +1,5 @@
+from opendc.models.project import Project
from opendc.models.model import Model
-from opendc.models.user import User
-from opendc.util.exceptions import ClientError
-from opendc.util.rest import Response
class Portfolio(Model):
@@ -9,16 +7,13 @@ class Portfolio(Model):
collection_name = 'portfolios'
- def check_user_access(self, google_id, edit_access):
- """Raises an error if the user with given [google_id] has insufficient access.
+ def check_user_access(self, user_id, edit_access):
+ """Raises an error if the user with given [user_id] has insufficient access.
Checks access on the parent project.
- :param google_id: The Google ID of the user.
+ :param user_id: The User ID of the user.
:param edit_access: True when edit access should be checked, otherwise view access.
"""
- user = User.from_google_id(google_id)
- authorizations = list(
- filter(lambda x: str(x['projectId']) == str(self.obj['projectId']), user.obj['authorizations']))
- if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
- raise ClientError(Response(403, 'Forbidden from retrieving/editing portfolio.'))
+ project = Project.from_id(self.obj['projectId'])
+ project.check_user_access(user_id, edit_access)