enforcing better user of user_id in controllers

thus enhancing rights limitations between users wider_controller are a way to say "I was the maximum rights my role allows me"
author: François Schmidts <francois.schmidts@gmail.com> 2015-04-22 18:50:54 +0200
committer: François Schmidts <francois.schmidts@gmail.com> 2015-04-23 09:52:22 +0200
commit: 55520e2aa70a94b697210bfae9f4097ce04a02a1 (patch)
tree: 52db75138eee48708aef3633d862938d01de0218 /pyaggr3g470r/views/api/common.py
parent: Fixed strange behaviour of the search when only searching on the content. (diff)
download: newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.tar.gz
newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.tar.bz2
newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/pyaggr3g470r/views/api/common.py b/pyaggr3g470r/views/api/common.py
index ca344c04..b8c4dd9d 100644
--- a/pyaggr3g470r/views/api/common.py
+++ b/pyaggr3g470r/views/api/common.py
@@ -90,6 +90,12 @@ class PyAggAbstractResource(Resource):
     def controller(self):
         return self.controller_cls(getattr(g.user, 'id', None))
 
+    @property
+    def wider_controller(self):
+        if g.user.is_admin():
+            return self.controller_cls()
+        return self.controller_cls(getattr(g.user, 'id', None))
+
     def reqparse_args(self, req=None, strict=False, default=True, args=None):
         """
         strict: bool
author	François Schmidts <francois.schmidts@gmail.com>	2015-04-22 18:50:54 +0200
committer	François Schmidts <francois.schmidts@gmail.com>	2015-04-23 09:52:22 +0200
commit	55520e2aa70a94b697210bfae9f4097ce04a02a1 (patch)
tree	52db75138eee48708aef3633d862938d01de0218 /pyaggr3g470r/views/api/common.py
parent	Fixed strange behaviour of the search when only searching on the content. (diff)
download	newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.tar.gz newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.tar.bz2 newspipe-55520e2aa70a94b697210bfae9f4097ce04a02a1.zip