diff options
| -rw-r--r-- | ishtar_common/menu_base.py | 8 | ||||
| -rw-r--r-- | ishtar_common/views.py | 4 |
2 files changed, 7 insertions, 5 deletions
diff --git a/ishtar_common/menu_base.py b/ishtar_common/menu_base.py index d8ee0775c..7c309d376 100644 --- a/ishtar_common/menu_base.py +++ b/ishtar_common/menu_base.py @@ -89,9 +89,9 @@ class MenuItem: for access_control in self.access_controls: access_control = prefix + access_control if hasattr(user, 'ishtaruser') and \ - user.ishtaruser.has_perm(access_control, self.model, - session=session) or \ + user.ishtaruser.has_perm(access_control, self.model) or\ access_control in user.get_group_permissions(): + # session=session) or \ return True # manage by person type if hasattr(user, 'ishtaruser'): @@ -107,8 +107,8 @@ class MenuItem: prefix = (self.model._meta.app_label + '.') if self.model else '' for access_control in self.access_controls: access_control = prefix + access_control - if user.has_perm(access_control, self.model, obj=obj, - session=session): + if user.has_perm(access_control, self.model, obj=obj): + # session=session): return True # manage by person type if hasattr(user, 'ishtaruser'): diff --git a/ishtar_common/views.py b/ishtar_common/views.py index 296d56648..86664d4e7 100644 --- a/ishtar_common/views.py +++ b/ishtar_common/views.py @@ -349,7 +349,9 @@ def get_item(model, func_name, default_name, extra_request_keys=[], # if not specific any perm is relevant (read right) if specific_perms and perm not in specific_perms: continue - if request.user.has_perm(model._meta.app_label + '.' + perm) \ + cperm = model._meta.app_label + '.' + perm + if request.user.has_perm(cperm)\ + or cperm in request.user.get_all_permissions() \ or (request.user.is_authenticated() and request.user.ishtaruser.has_right( perm, session=request.session)): |