projects
/
cascardo
/
ipsilon.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Add check for permissions on deleting a SAML2 Service Provider
[cascardo/ipsilon.git]
/
ipsilon
/
providers
/
saml2
/
admin.py
diff --git
a/ipsilon/providers/saml2/admin.py
b/ipsilon/providers/saml2/admin.py
index
9d06be1
..
c7a0289
100644
(file)
--- a/
ipsilon/providers/saml2/admin.py
+++ b/
ipsilon/providers/saml2/admin.py
@@
-307,6
+307,9
@@
class SPAdminPage(AdminPage):
message_type=message_type)
def delete(self):
+ if (not self.user.is_admin and
+ self.user.name != self.sp.owner):
+ raise cherrypy.HTTPError(403)
self.parent.del_sp(self.sp.name)
self.sp.permanently_delete()
return self.parent.root()