summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ishtar_common/models.py8
-rw-r--r--ishtar_common/utils.py10
2 files changed, 13 insertions, 5 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index aca5f9a34..8096bf6ba 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -290,7 +290,13 @@ class OwnPerms(object):
returned = []
return returned
if isinstance(user, User):
- user = IshtarUser.objects.get(user_ptr=user)
+ try:
+ user = IshtarUser.objects.get(user_ptr=user)
+ except IshtarUser.DoesNotExist:
+ returned = cls.objects.filter(pk__isnull=True)
+ if values:
+ returned = []
+ return returned
items = []
if hasattr(cls, 'BASKET_MODEL'):
items = list(cls.BASKET_MODEL.objects.filter(user=user).all())
diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py
index 94125ddb8..7d5c2ce3a 100644
--- a/ishtar_common/utils.py
+++ b/ishtar_common/utils.py
@@ -126,16 +126,18 @@ def check_model_access_control(request, model, available_perms=None):
if not available_perms:
available_perms = ['view_' + model.__name__.lower(),
'view_own_' + model.__name__.lower()]
- if request.user.ishtaruser.has_right('administrator',
- session=request.session):
+ try:
+ ishtaruser = request.user.ishtaruser
+ except request.user._meta.model.ishtaruser.RelatedObjectDoesNotExist:
+ return False, True
+ if ishtaruser.has_right('administrator', session=request.session):
allowed = True
own = False
return allowed, own
for perm, lbl in model._meta.permissions:
if perm not in available_perms:
continue
- if request.user.ishtaruser.person.has_right(
- perm, session=request.session):
+ if ishtaruser.person.has_right(perm, session=request.session):
allowed = True
if "_own_" not in perm:
own = False
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 13:14:12 +0000