✨ permissions refactoring: generate permissions, adapt permissions checks

author: Étienne Loks <etienne.loks@iggdrasil.net> 2024-10-23 18:51:15 +0200
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2025-02-19 14:43:48 +0100
commit: 6f59b9e36a0971b3deb44562062a878eb26beedf (patch)
tree: e22db164f77fc0ba6e30a539350bb5a37f36f5a6 /archaeological_operations/views.py
parent: be063a7032971db7c00a160595e69e1e67dd2c9f (diff)
download: Ishtar-6f59b9e36a0971b3deb44562062a878eb26beedf.tar.bz2
Ishtar-6f59b9e36a0971b3deb44562062a878eb26beedf.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/archaeological_operations/views.py b/archaeological_operations/views.py
index 7b6a56597..270411bfd 100644
--- a/archaeological_operations/views.py
+++ b/archaeological_operations/views.py
@@ -540,7 +540,10 @@ def get_relation_modify(model, model_relation, formset_class, url_name,
         except model.DoesNotExist:
             raise Http404()
         if "_own_" in current_right:
-            if not item.is_own(request.user):
+            if not request.user.has_perm(current_right, item):
+                raise PermissionDenied()
+        elif current_right:
+            if not request.user.has_perm(current_right):
                 raise PermissionDenied()
         relations = model_relation.objects.filter(left_record_id=pk).all()
         form_kwargs = {"left_record": item}
author	Étienne Loks <etienne.loks@iggdrasil.net>	2024-10-23 18:51:15 +0200
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2025-02-19 14:43:48 +0100
commit	6f59b9e36a0971b3deb44562062a878eb26beedf (patch)
tree	e22db164f77fc0ba6e30a539350bb5a37f36f5a6 /archaeological_operations/views.py
parent	be063a7032971db7c00a160595e69e1e67dd2c9f (diff)
download	Ishtar-6f59b9e36a0971b3deb44562062a878eb26beedf.tar.bz2 Ishtar-6f59b9e36a0971b3deb44562062a878eb26beedf.zip