Merge branch 'master' into master-land-planner-2999

author: Étienne Loks <etienne.loks@proxience.com> 2016-01-10 15:35:51 +0100
committer: Étienne Loks <etienne.loks@proxience.com> 2016-01-10 15:35:51 +0100
commit: 11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6 (patch)
tree: 8d8e7c09faf179b2fed07878d1cf450a245a78d0 /ishtar_common/views.py
parent: 19fcd922361b045894c0eeb56e095d785299909e (diff)
parent: 2c063aace94e5a9f3b5dc596e4a502ef062db059 (diff)
download: Ishtar-11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6.tar.bz2
Ishtar-11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6.zip
1 files changed, 18 insertions, 12 deletions
diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index a18673b44..1320517ff 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -325,18 +325,24 @@ def get_item(model, func_name, default_name, extra_request_keys=[],
         # check rights
         own = True  # more restrictive by default
         allowed = False
-        for perm, lbl in model._meta.permissions:
-            # if not specific any perm is relevant (read right)
-            if specific_perms and perm not in specific_perms:
-                continue
-            if request.user.has_perm(model._meta.app_label + '.' + perm) \
-                    or (request.user.is_authenticated()
-                        and request.user.ishtaruser.has_right(
-                            perm, session=request.session)):
-                allowed = True
-                if "_own_" not in perm:
-                    own = False
-                    break  # max right reach
+        if request.user.is_authenticated() and \
+                request.user.ishtaruser.has_right('administrator',
+                                                  session=request.session):
+            allowed = True
+            own = False
+        else:
+            for perm, lbl in model._meta.permissions:
+                # if not specific any perm is relevant (read right)
+                if specific_perms and perm not in specific_perms:
+                    continue
+                if request.user.has_perm(model._meta.app_label + '.' + perm) \
+                        or (request.user.is_authenticated()
+                            and request.user.ishtaruser.has_right(
+                                perm, session=request.session)):
+                    allowed = True
+                    if "_own_" not in perm:
+                        own = False
+                        break  # max right reach
         if force_own:
             own = True
         EMPTY = ''
author	Étienne Loks <etienne.loks@proxience.com>	2016-01-10 15:35:51 +0100
committer	Étienne Loks <etienne.loks@proxience.com>	2016-01-10 15:35:51 +0100
commit	11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6 (patch)
tree	8d8e7c09faf179b2fed07878d1cf450a245a78d0 /ishtar_common/views.py
parent	19fcd922361b045894c0eeb56e095d785299909e (diff)
parent	2c063aace94e5a9f3b5dc596e4a502ef062db059 (diff)
download	Ishtar-11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6.tar.bz2 Ishtar-11d7e76203e13a6d4c2a0c9aa29bd2d1dd86f5b6.zip