From 716b40cf38913df5aaecbe5e62c12893c88610f7 Mon Sep 17 00:00:00 2001
From: "Kevin S. Hahn" <kevinshahn@gmail.com>
Date: Mon, 23 Mar 2015 14:32:36 -0700
Subject: [PATCH] targetted file uploads require read-write perms

- works on #15
---
 containers.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/containers.py b/containers.py
index 9c7ab41c..3f1e859a 100644
--- a/containers.py
+++ b/containers.py
@@ -244,7 +244,7 @@ class Container(base.RequestHandler):
             # FIXME check that processor is legit
         elif cid is not None:   # targeted user upload
             _id = bson.ObjectId(cid)
-            container, _ = self._get(_id, 'admin')
+            container, _ = self._get(_id, 'rw')
         else:                   # sortable user upload
             pass
             # FIXME: pre-parse file, reject if unparsable
-- 
GitLab