Temporary fix for rights management

author: Étienne Loks <etienne.loks@iggdrasil.net> 2016-04-21 10:17:29 +0200
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2016-04-21 10:17:29 +0200
commit: 41b5b8d28cbd8245ec065ecc21b4a33e65203a65 (patch)
tree: 2976f2a47f341776ab608cfeab0f8d89a64ec3eb /ishtar_common
parent: 984133f387d822479ddcdb1fc30eb5b4579d21fc (diff)
download: Ishtar-41b5b8d28cbd8245ec065ecc21b4a33e65203a65.tar.bz2
Ishtar-41b5b8d28cbd8245ec065ecc21b4a33e65203a65.zip
2 files changed, 7 insertions, 5 deletions
diff --git a/ishtar_common/menu_base.py b/ishtar_common/menu_base.py
index d8ee0775c..7c309d376 100644
--- a/ishtar_common/menu_base.py
+++ b/ishtar_common/menu_base.py
@@ -89,9 +89,9 @@ class MenuItem:
         for access_control in self.access_controls:
             access_control = prefix + access_control
             if hasattr(user, 'ishtaruser') and \
-                user.ishtaruser.has_perm(access_control, self.model,
-                                         session=session) or \
+                user.ishtaruser.has_perm(access_control, self.model) or\
                access_control in user.get_group_permissions():
+                #                         session=session) or \
                 return True
         # manage by person type
         if hasattr(user, 'ishtaruser'):
@@ -107,8 +107,8 @@ class MenuItem:
         prefix = (self.model._meta.app_label + '.') if self.model else ''
         for access_control in self.access_controls:
             access_control = prefix + access_control
-            if user.has_perm(access_control, self.model, obj=obj,
-                             session=session):
+            if user.has_perm(access_control, self.model, obj=obj):
+                #              session=session):
                 return True
         # manage by person type
         if hasattr(user, 'ishtaruser'):
diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index 296d56648..86664d4e7 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -349,7 +349,9 @@ def get_item(model, func_name, default_name, extra_request_keys=[],
                 # if not specific any perm is relevant (read right)
                 if specific_perms and perm not in specific_perms:
                     continue
-                if request.user.has_perm(model._meta.app_label + '.' + perm) \
+                cperm = model._meta.app_label + '.' + perm
+                if request.user.has_perm(cperm)\
+                        or cperm in request.user.get_all_permissions() \
                         or (request.user.is_authenticated()
                             and request.user.ishtaruser.has_right(
                                 perm, session=request.session)):
author	Étienne Loks <etienne.loks@iggdrasil.net>	2016-04-21 10:17:29 +0200
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2016-04-21 10:17:29 +0200
commit	41b5b8d28cbd8245ec065ecc21b4a33e65203a65 (patch)
tree	2976f2a47f341776ab608cfeab0f8d89a64ec3eb /ishtar_common
parent	984133f387d822479ddcdb1fc30eb5b4579d21fc (diff)
download	Ishtar-41b5b8d28cbd8245ec065ecc21b4a33e65203a65.tar.bz2 Ishtar-41b5b8d28cbd8245ec065ecc21b4a33e65203a65.zip