From 144a5cacf992dbf431770ae31aefbc334172c151 Mon Sep 17 00:00:00 2001
From: Brian Carroll <brian@hasecuritysolutions.com>
Date: Thu, 11 Jan 2024 21:22:30 -0500
Subject: [PATCH] roll back permissions on token

---
 app/api_v2/model/user.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/api_v2/model/user.py b/app/api_v2/model/user.py
index 0c731e88..ab5df3a2 100644
--- a/app/api_v2/model/user.py
+++ b/app/api_v2/model/user.py
@@ -247,7 +247,7 @@ def create_access_token(self):
             'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=60*jwt_exp),
             'iat': datetime.datetime.utcnow(),
             'type': 'user',
-            'permissions': self.permissions,
+            #'permissions': self.permissions,
         }, current_app.config['SECRET_KEY'])
 
         return _access_token
@@ -879,7 +879,7 @@ def create_access_token(self):
             'exp': datetime.datetime.utcnow() + datetime.timedelta(days=jwt_exp),
             'iat': datetime.datetime.utcnow(),
             'type': 'service_account',
-            'permissions': self.permissions
+            #'permissions': self.permissions
         }, current_app.config['SECRET_KEY'])
 
         self.expires_at = (datetime.datetime.utcnow() + datetime.timedelta(days=jwt_exp))