Fix bug 771 Do not revoke token when try to do a non allowed operation

[osm/NBI.git] / osm_nbi / nbi.py

diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py
index 269af33..afc65c0 100644 (file)
--- a/osm_nbi/nbi.py
+++ b/osm_nbi/nbi.py
@@ -40,7 +40,7 @@ __author__ = "Alfonso Tierno <alfonso.tiernosepulveda@telefonica.com>"
 
 __version__ = "0.1.3"
 version_date = "Jan 2019"
-database_version = '1.1'
+database_version = '1.2'
 auth_database_version = '1.0'
 nbi_server = None           # instance of Server class
 subscription_thread = None  # instance of SubscriptionThread class
@@ -955,6 +955,10 @@ class Server(object):
                 cherrypy.response.status = HTTPStatus.NO_CONTENT.value
             else:
                 raise NbiException("Method {} not allowed".format(method), HTTPStatus.METHOD_NOT_ALLOWED)
+
+            # if Role information changes, it is needed to reload the information of roles
+            if topic == "roles" and method != "GET":
+                self.authenticator.load_operation_to_allowed_roles()
             return self._format_out(outdata, session, _format)
         except Exception as e:
             if isinstance(e, (NbiException, EngineException, DbException, FsException, MsgException, AuthException,