diff options
| -rw-r--r-- | ishtar_common/models.py | 25 | ||||
| -rw-r--r-- | ishtar_common/views.py | 4 | ||||
| -rw-r--r-- | ishtar_common/views_item.py | 4 |
3 files changed, 21 insertions, 12 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py index de494e863..a99921740 100644 --- a/ishtar_common/models.py +++ b/ishtar_common/models.py @@ -228,7 +228,7 @@ class OwnPerms(object): Manage special permissions for object's owner """ @classmethod - def get_query_owns(cls, user): + def get_query_owns(cls, ishtaruser): """ Query object to get own items """ @@ -238,7 +238,9 @@ class OwnPerms(object): """ Check if the current object is owned by the user """ - query = self.get_query_owns(user) + if not hasattr(user, 'ishtaruser'): + return False + query = self.get_query_owns(user.ishtaruser) if not query: return False query &= Q(pk=self.pk) @@ -249,7 +251,9 @@ class OwnPerms(object): """ Check if the user own some items """ - query = cls.get_query_owns(user) + if not hasattr(user, 'ishtaruser'): + return False + query = cls.get_query_owns(user.ishtaruser) if not query: return False return cls.objects.filter(query).count() @@ -301,7 +305,9 @@ class OwnPerms(object): items = [] if hasattr(cls, 'BASKET_MODEL'): items = list(cls.BASKET_MODEL.objects.filter(user=user).all()) - query = cls.get_query_owns(user) + if not hasattr(user, 'ishtaruser'): + return False + query = cls.get_query_owns(user.ishtaruser) if not query and not replace_query: returned = cls.objects.filter(pk__isnull=True) if values: @@ -2974,16 +2980,15 @@ class Person(Address, Merge, OwnPerms, ValueGetter): fle.save() # force update of raw_general_contractor @classmethod - def get_query_owns(cls, user): + def get_query_owns(cls, ishtaruser): return \ Q(operation_scientist_responsability__collaborators__ishtaruser - =user.ishtaruser) | \ + =ishtaruser) | \ Q(operation_scientist_responsability__scientist__ishtaruser - =user.ishtaruser) | \ + =ishtaruser) | \ Q(operation_collaborator__collaborators__ishtaruser - =user.ishtaruser) | \ - Q(operation_collaborator__scientist__ishtaruser - =user.ishtaruser) + =ishtaruser) | \ + Q(operation_collaborator__scientist__ishtaruser=ishtaruser) post_save.connect(cached_label_changed, sender=Person) diff --git a/ishtar_common/views.py b/ishtar_common/views.py index b59c4c8e4..00e5df7e1 100644 --- a/ishtar_common/views.py +++ b/ishtar_common/views.py @@ -502,7 +502,9 @@ def autocomplete_person(request, person_types=None, attached_to=None, if is_ishtar_user: query = query & Q(ishtaruser__isnull=False) if own_items: - query &= models.Person.get_query_owns(request.user) + if not hasattr(request.user, 'ishtaruser'): + return HttpResponse(json.dumps([]), content_type='text/plain') + query &= models.Person.get_query_owns(request.user.ishtaruser) persons = models.Person.objects.filter(query)[:limit] data = json.dumps([{'id': person.pk, 'value': unicode(person)} for person in persons if person]) diff --git a/ishtar_common/views_item.py b/ishtar_common/views_item.py index 3fa49bd07..cfb7a42c3 100644 --- a/ishtar_common/views_item.py +++ b/ishtar_common/views_item.py @@ -128,7 +128,9 @@ def show_item(model, name, extra_dct=None): return HttpResponse('', content_type="application/xhtml") q = model.objects if own: - query_own = model.get_query_owns(request.user) + if not hasattr(request.user, 'ishtaruser'): + return HttpResponse('NOK') + query_own = model.get_query_owns(request.user.ishtaruser) if query_own: q = q.filter(query_own) try: |