mitchell852 commented on a change in pull request #3742: Restricted job
creation to Portal and above
URL: https://github.com/apache/trafficcontrol/pull/3742#discussion_r307311468
##########
File path: traffic_ops/app/lib/API/Job.pm
##########
@@ -181,7 +185,7 @@ sub create_current_user_job {
return $self->forbidden("Forbidden. Delivery-service
tenant is not available to the user.");
}
} else {
- if ( !&is_oper($self) &&
!$self->is_delivery_service_assigned($ds_id) ) {
+ if ( !&is_portal($self) &&
!$self->is_delivery_service_assigned($ds_id) ) {
Review comment:
this would never resolve to true given the condition on line 157, right? i
think i'd rather see this rewritten:
```
if ( $tenant_utils->use_tenancy() ) {
if ( !$tenant_utils->is_ds_resource_accessible($tenants_data,
$ds->tenant_id) ) {
return $self->forbidden("Forbidden. Delivery-service
tenant is not available to the user.");
}
} else {
if ( !&is_oper($self) &&
!$self->is_delivery_service_assigned($ds_id) ) {
return $self->forbidden();
}
}
```
to
```
if ( !$tenant_utils->is_ds_resource_accessible($tenants_data,
$ds->tenant_id) ) {
return $self->forbidden("Forbidden. Delivery-service
tenant is not available to the user.");
}
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
