diff options
Diffstat (limited to 'ishtar/ishtar_base/views.py')
| -rw-r--r-- | ishtar/ishtar_base/views.py | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/ishtar/ishtar_base/views.py b/ishtar/ishtar_base/views.py index c00dd8bc9..94a37d46e 100644 --- a/ishtar/ishtar_base/views.py +++ b/ishtar/ishtar_base/views.py @@ -74,8 +74,11 @@ def check_permission(request, action_slug, obj_id=None): return menu.items[action_slug].can_be_available(request.user) def autocomplete_person(request, person_type=None): - if not request.user.has_perm('ishtar_base.view_person', models.Person) and \ - not request.user.has_perm('ishtar_base.view_own_person', models.Person) : + person_types = request.user.ishtaruser.person.person_type + if (not request.user.has_perm('ishtar_base.view_person', models.Person) and + not request.user.has_perm('ishtar_base.view_own_person', models.Person) + and not person_types.rights.filter(wizard__url_name='person_search' + ).count()): return HttpResponse(mimetype='text/plain') if not request.GET.get('term'): return HttpResponse(mimetype='text/plain') @@ -120,8 +123,11 @@ def autocomplete_town(request): return HttpResponse(data, mimetype='text/plain') def autocomplete_file(request): - if not request.user.has_perm('ishtar_base.view_file', models.File) and \ - not request.user.has_perm('ishtar_base.view_own_file', models.File) : + person_types = request.user.ishtaruser.person.person_type + if (not request.user.has_perm('ishtar_base.view_file', models.File) and \ + not request.user.has_perm('ishtar_base.view_own_file', models.File) + and not person_types.rights.filter(wizard__url_name='file_search' + ).count()): return HttpResponse(mimetype='text/plain') if not request.GET.get('term'): return HttpResponse(mimetype='text/plain') @@ -434,9 +440,12 @@ show_file = show_item(models.File, 'file') revert_file = revert_item(models.File) def autocomplete_operation(request, non_closed=True): - if not request.user.has_perm('ishtar_base.view_operation', models.Operation)\ + person_types = request.user.ishtaruser.person.person_type + if (not request.user.has_perm('ishtar_base.view_operation', models.Operation)\ and not request.user.has_perm('ishtar_base.view_own_operation', - models.Operation): + models.Operation) + and not person_types.rights.filter(wizard__url_name='operation_search' + ).count()): return HttpResponse(mimetype='text/plain') if not request.GET.get('term'): return HttpResponse(mimetype='text/plain') @@ -492,10 +501,13 @@ get_administrativeactop = get_item(models.AdministrativeAct, 'act_type__intented_to':'act_type__intented_to'}) def autocomplete_organization(request, orga_type=None): - if not request.user.has_perm('ishtar_base.view_organization', + person_types = request.user.ishtaruser.person.person_type + if (not request.user.has_perm('ishtar_base.view_organization', models.Organization) and \ not request.user.has_perm('ishtar_base.view_own_organization', - models.Organization): + models.Organization) + and not person_types.rights.filter(wizard__url_name='person_search' + ).count()): return HttpResponse(mimetype='text/plain') if not request.GET.get('term'): return HttpResponse(mimetype='text/plain') |