summaryrefslogtreecommitdiff
path: root/ishtar_common
diff options
context:
space:
mode:
authorÉtienne Loks <etienne.loks@iggdrasil.net>2025-01-24 15:23:23 +0100
committerÉtienne Loks <etienne.loks@iggdrasil.net>2025-02-19 14:45:56 +0100
commit95d1ac5cc9346c81d8dee6a684fd4c6d79fcdd3f (patch)
tree194ae92ef78c6ae3ddaf0b46695a94dc7b8234b4 /ishtar_common
parent60f04b63c44a8f9daebef713321decaf90944db3 (diff)
downloadIshtar-95d1ac5cc9346c81d8dee6a684fd4c6d79fcdd3f.tar.bz2
Ishtar-95d1ac5cc9346c81d8dee6a684fd4c6d79fcdd3f.zip
🐛 fix own permission check (refs #6126)
Diffstat (limited to 'ishtar_common')
-rw-r--r--ishtar_common/views_item.py7
1 files changed, 5 insertions, 2 deletions
diff --git a/ishtar_common/views_item.py b/ishtar_common/views_item.py
index ae8c1cd47..89caaef77 100644
--- a/ishtar_common/views_item.py
+++ b/ishtar_common/views_item.py
@@ -222,12 +222,15 @@ def check_permission(request, action_slug, obj=None):
main_menu.init()
if action_slug not in main_menu.items:
# not an action -> a classic permission
+ if "." not in action_slug:
+ return False
if request.user.ishtaruser.has_permission(action_slug):
return True
if not obj:
return False
- parts = action_slug.split("_")
- action_slug = f"{parts[0]}_own_{'_'.join(parts[1:])}"
+ app, model_name = action_slug.split(".")
+ parts = model_name.split("_")
+ action_slug = f"{app}.{parts[0]}_own_{'_'.join(parts[1:])}"
return request.user.ishtaruser.has_permission(action_slug, obj)
if obj:
return main_menu.items[action_slug].is_available(