1 files changed, 25 insertions, 11 deletions

diff --git a/ishtar_common/models_imports.py b/ishtar_common/models_imports.py
index cae04298b..510a9ff7d 100644
--- a/ishtar_common/models_imports.py
+++ b/ishtar_common/models_imports.py
@@ -230,9 +230,10 @@ class ImporterType(models.Model):
     def __str__(self):
         return self.name
 
-    @classmethod
-    def is_own(cls, ishtar_user):
-        return bool(cls.objects.filter(users__pk=ishtar_user.pk).count())
+    def is_own(self, ishtar_user):
+        return bool(
+            self.__class__.objects.filter(pk=self.pk, users__pk=ishtar_user.pk).count()
+        )
 
     @property
     def type_label(self):
@@ -1450,19 +1451,32 @@ class BaseImport(models.Model, OwnPerms, SheetItem):
     def get_permissions_for_actions(cls, user, session):
         if not hasattr(user, "ishtaruser") or not user.ishtaruser:
             return False, False, False, False
-        can_edit_all, can_delete_all, can_edit_own, can_delete_own = False, False, False, False
+        permissions = {
+            "can_view_own": False,
+            "can_edit_own": False,
+            "can_delete_own": False,
+            "can_edit_all": False,
+            "can_view_all": False,
+            "can_delete_all": False,
+        }
         if user.is_superuser:
-            can_edit_all = True
-            can_delete_all = True
+            permissions["can_view_all"] = True
+            permissions["can_edit_all"] = True
+            permissions["can_delete_all"] = True
+            return permissions
+        if user.ishtaruser.has_right("view_import", session=session):
+            permissions["can_view_all"] = True
+        elif user.ishtaruser.has_right("view_own_import", session=session):
+            permissions["can_view_own"] = True
         if user.ishtaruser.has_right("change_import", session=session):
-            can_edit_all = True
+            permissions["can_edit_all"] = True
         elif user.ishtaruser.has_right("change_own_import", session=session):
-            can_edit_own = True
+            permissions["can_edit_own"] = True
         if user.ishtaruser.has_right("delete_import", session=session):
-            can_delete_all = True
+            permissions["can_delete_all"] = True
         elif user.ishtaruser.has_right("delete_own_import", session=session):
-            can_delete_own = True
-        return can_edit_all, can_delete_all, can_edit_own, can_delete_own
+            permissions["can_delete_own"] = True
+        return permissions
 
     @classmethod
     def query_can_access(cls, user, perm="view_import"):