Kevin Hu
commited on
Commit
·
e98cd71
1
Parent(s):
51c0b88
Fix: authorization issue (#3530)
Browse files### What problem does this PR solve?
### Type of change
- [x] Bug Fix (non-breaking change which fixes an issue)
- api/apps/tenant_app.py +1 -1
api/apps/tenant_app.py
CHANGED
|
@@ -83,7 +83,7 @@ def create(tenant_id):
|
|
| 83 |
@manager.route('/<tenant_id>/user/<user_id>', methods=['DELETE'])
|
| 84 |
@login_required
|
| 85 |
def rm(tenant_id, user_id):
|
| 86 |
-
if current_user.id != tenant_id:
|
| 87 |
return get_json_result(
|
| 88 |
data=False,
|
| 89 |
message='No authorization.',
|
|
|
|
| 83 |
@manager.route('/<tenant_id>/user/<user_id>', methods=['DELETE'])
|
| 84 |
@login_required
|
| 85 |
def rm(tenant_id, user_id):
|
| 86 |
+
if current_user.id != tenant_id and current_user.id != user_id:
|
| 87 |
return get_json_result(
|
| 88 |
data=False,
|
| 89 |
message='No authorization.',
|