1 files changed, 8 insertions, 10 deletions

diff --git a/archaeological_finds/views.py b/archaeological_finds/views.py
index 866349ce2..0b286531c 100644
--- a/archaeological_finds/views.py
+++ b/archaeological_finds/views.py
@@ -151,14 +151,12 @@ get_administrativeacttreatmentfile = get_item(
 
 
 def autocomplete_treatmentfile(request):
+    ishtaruser = getattr(request.user, "ishtaruser", None)
+    if not ishtaruser:
+        return HttpResponse(content_type="text/plain")
     if (
-        not request.user.has_perm("ishtar_common.view_treatment", models.Treatment)
-        and not request.user.has_perm(
-            "ishtar_common.view_own_treatment", models.Treatment
-        )
-        and not request.user.ishtaruser.has_right(
-            "treatmentfile_search", session=request.session
-        )
+        not ishtaruser.has_permission("archaeological_finds.view_treatment")
+        and not ishtaruser.has_permission("archaeological_finds.view_own_treatment")
     ):
         return HttpResponse(content_type="text/plain")
     if not request.GET.get("term"):
@@ -193,7 +191,7 @@ def show_basefind(request, pk, **dct):
 
 
 def show_find_extra(request, find):
-    if not request.user or not request.user.ishtaruser:
+    if not request.user or not getattr(request.user, "ishtaruser", None):
         return {}
     user = request.user.ishtaruser
     if isinstance(find, dict):
@@ -607,8 +605,8 @@ class FindBasketDeleteItemView(
         basket = self.get_basket(user=ishtaruser, pk=self.kwargs["basket"])
         if (
             not user.is_superuser
-            and not ishtaruser.has_right("view_find")
-            and not (ishtaruser.has_right("view_own_find") and find.is_own(user))
+            and not ishtaruser.has_permission("archaeological_finds.view_find")
+            and not ishtaruser.has_permission("archaeological_finds.view_own_find", find)
         ):
             raise PermissionDenied
         basket.items.remove(find)