diff options
| author | Étienne Loks <etienne.loks@proxience.com> | 2014-05-28 11:23:20 +0200 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@proxience.com> | 2014-05-28 11:23:20 +0200 |
| commit | 570cd2ceb82e6c65595f56f3fe27da5cd9b3d72d (patch) | |
| tree | 838934d2ae466f6821bca7048ab1edaa53d2a7fa /ishtar_common/views.py | |
| parent | def703c25140d71093eac192660b27f8abe33eef (diff) | |
| download | Ishtar-570cd2ceb82e6c65595f56f3fe27da5cd9b3d72d.tar.bz2 Ishtar-570cd2ceb82e6c65595f56f3fe27da5cd9b3d72d.zip | |
"Own" rights management (refs #1564)
* fix own queries for operations and archaeological files
* fix permission checking
* tests
Diffstat (limited to 'ishtar_common/views.py')
| -rw-r--r-- | ishtar_common/views.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ishtar_common/views.py b/ishtar_common/views.py index 11351d7c0..0292021bf 100644 --- a/ishtar_common/views.py +++ b/ishtar_common/views.py @@ -230,7 +230,7 @@ def get_item(model, func_name, default_name, extra_request_keys=[], # if not specific any perm is relevant (read right) if specific_perms and perm not in specific_perms: continue - if request.user.has_perm(perm) \ + if request.user.has_perm(model._meta.app_label + '.' + perm) \ or (request.user.is_authenticated() and request.user.ishtaruser.has_right(perm)): allowed = True @@ -339,7 +339,7 @@ def get_item(model, func_name, default_name, extra_request_keys=[], break query = Q(**dct) if own: - query = query & model.get_query_own(request.user) + query = query & model.get_query_owns(request.user) for k, or_req in or_reqs: alt_dct = dct.copy() alt_dct.pop(k) |