trustchain-oc1-orchestral
/
devicehub-teal
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixing security query in live action

This commit is contained in:
Cayo Puigdefabregas 2020-12-09 12:37:20 +01:00
parent eaa20b4302
commit 634806ec1c
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ereuse_devicehub/resources/action/views.py
View File

@ -237,12 +237,12 @@ class ActionView(View):
def live(self, snapshot): def live(self, snapshot):
"""If the device.allocated == True, then this snapshot create an action live.""" """If the device.allocated == True, then this snapshot create an action live."""
device = snapshot.get('device') # type: Computer device = snapshot.get('device') # type: Computer
# TODO @cayop dependency of pulls 85 and 83 # TODO @cayop dependency of pulls 85
# if the pr/85 and pr/83 is merged, then you need change this way for get the device # if the pr/85 is merged, then you need change this way for get the device
if not device.hid or not Device.query.filter(Device.hid==device.hid).count(): if not device.hid or not Device.query.filter(Device.hid==device.hid, owner_id=g.user.id).count():
return None return None
device = Device.query.filter(Device.hid==device.hid).one() device = Device.query.filter(Device.hid==device.hid, owner_id=g.user.id).one()
if not device.allocated: if not device.allocated:
return None return None