From b34492b924155c75c54a12f38d30ebbf297c23f9 Mon Sep 17 00:00:00 2001 From: Daniel McKnight Date: Tue, 19 Nov 2024 15:25:47 -0800 Subject: [PATCH] Refactor to remove `RW_USERS` role since the `USER` and `ADMIN` roles already define read and write access, respectively --- neon_users_service/mq_connector.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/neon_users_service/mq_connector.py b/neon_users_service/mq_connector.py index 576d523..d1e09a7 100644 --- a/neon_users_service/mq_connector.py +++ b/neon_users_service/mq_connector.py @@ -56,8 +56,7 @@ def parse_mq_request(self, mq_req: dict) -> dict: auth_user = self.service.read_authenticated_user( mq_req.auth_user_spec, mq_req.password, mq_req.access_token) - if auth_user.permissions.users < AccessRoles.USER and \ - auth_user.permissions.users != AccessRoles.RW_USERS: + if auth_user.permissions.users < AccessRoles.USER: raise PermissionError(f"User {auth_user.username} does " f"not have permission to read " f"other users")