+ # TODO when user contained project_role_mappings with project_id,project_ name this checking to
+ # database will not be needed
+ if not project:
+ project = user_content["projects"][0]
+
+ # To allow project names in project_id
+ proj = self.db.get_one("projects", {BaseTopic.id_field("projects", project): project})
+ if proj["_id"] not in user_content["projects"] and proj["name"] not in user_content["projects"]:
+ raise AuthException("project {} not allowed for this user".format(project),
+ http_code=HTTPStatus.UNAUTHORIZED)
+
+ # TODO remove admin, this vill be used by roles RBAC
+ if proj["name"] == "admin":