Github user mitchell852 commented on a diff in the pull request:
https://github.com/apache/incubator-trafficcontrol/pull/433#discussion_r112025226
--- Diff: traffic_ops/app/lib/API/Tenant.pm ---
@@ -117,14 +123,25 @@ sub update {
my $is_active = $params->{active};
if ( !$params->{active} && $self->isRootTenant($id)) {
- return $self->alert("Root user cannot be in-active.");
+ return $self->alert("Root tenant cannot be in-active.");
}
-
- if ( !defined($params->{parentId}) && !isRootTenant($id) ) {
- return $self->alert("Only the \"root\" tenant can have no
parent.");
+ #this is a write operation, allowed only by parents of the tenant
(which are the owners of the resource of type tenant)
+ my $current_resource_tenancy = $self->db->resultset('Tenant')->search(
{ id => $id } )->get_column('parent_id')->single();
--- End diff --
also, if you make root tenant uneditable, you can get rid of this
complexity. and simply do
if (!verify_tenancy_for_write($self, $params->{parentId})) {
return $self->alert("Parent tenant to be set is not under user's
tenancy.");
}
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
