diff --git a/src/spaceone/core/handler/authentication_handler.py b/src/spaceone/core/handler/authentication_handler.py index e705a6b..d701a4f 100644 --- a/src/spaceone/core/handler/authentication_handler.py +++ b/src/spaceone/core/handler/authentication_handler.py @@ -1,5 +1,6 @@ import json import logging +import copy from typing import Tuple, List from spaceone.core import cache, config @@ -39,8 +40,8 @@ def verify(self, params: dict) -> None: client_id = token_info.get("jti") domain_id = token_info.get("did") permissions, projects = self._check_app(client_id, domain_id) - token_info["permissions"] = permissions - token_info["projects"] = projects + token_info["permissions"] = copy.deepcopy(permissions) + token_info["projects"] = copy.deepcopy(projects) self._update_meta(token_info) diff --git a/src/spaceone/core/handler/mutation_handler.py b/src/spaceone/core/handler/mutation_handler.py index 19cecdd..c875504 100644 --- a/src/spaceone/core/handler/mutation_handler.py +++ b/src/spaceone/core/handler/mutation_handler.py @@ -12,7 +12,9 @@ def request(self, params): user_projects: list = self.transaction.get_meta("authorization.projects") user_id: str = self.transaction.get_meta("authorization.user_id") set_user_id: str = self.transaction.get_meta("authorization.set_user_id") - injected_params: dict = self.transaction.get_meta("authorization.injected_params") + injected_params: dict = self.transaction.get_meta( + "authorization.injected_params" + ) if user_role_type == "SYSTEM_TOKEN": if domain_id: @@ -29,7 +31,7 @@ def request(self, params): elif user_role_type == "WORKSPACE_MEMBER": params["domain_id"] = domain_id params["workspace_id"] = workspace_id - params["user_projects"] = user_projects + params["user_projects"] = user_projects or [] elif user_role_type == "USER": params["domain_id"] = domain_id