From e286f48bf6c8f30d3e220de5a5c5da5bdf53a70b Mon Sep 17 00:00:00 2001
From: Dominik Moritz <domoritz@gmail.com>
Date: Tue, 23 Apr 2013 11:24:03 +0200
Subject: [PATCH] [#652] Refactor validation of possible methods

---
 ckanext/datastore/db.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ckanext/datastore/db.py b/ckanext/datastore/db.py
index 092d48897c7..9c8d89f193a 100644
--- a/ckanext/datastore/db.py
+++ b/ckanext/datastore/db.py
@@ -1143,7 +1143,6 @@ def _get_read_only_user(data_dict):
 
 def _change_privilege(context, data_dict, what):
     read_only_user = _get_read_only_user(data_dict)
-    assert(what in ['REVOKE', 'GRANT'])
     if what == 'REVOKE':
         sql = u'REVOKE SELECT ON TABLE "{0}" FROM "{1}"'.format(
             data_dict['resource_id'],
@@ -1152,6 +1151,9 @@ def _change_privilege(context, data_dict, what):
         sql = u'GRANT SELECT ON TABLE "{0}" TO "{1}"'.format(
             data_dict['resource_id'],
             read_only_user)
+    else:
+        raise ValidationError({
+            'privileges': 'Can only GRANT or REVOKE but not {0}'.format(what)})
     try:
         context['connection'].execute(sql)
     except ProgrammingError, e: