1 files changed, 41 insertions, 20 deletions

diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py
index 11ff45fa7..c35824906 100644
--- a/ishtar_common/utils.py
+++ b/ishtar_common/utils.py
@@ -422,44 +422,65 @@ class OwnPerms:
         """
         return None  # implement for each object
 
+    def can_add(self, request):
+        meta = self.__class__._meta
+        return self.can_do(
+            request, "add", app=meta.app_label, model_name=meta.model_name
+        )
+
     def can_view(self, request):
         meta = self.__class__._meta
-        perm = f"{meta.app_label}.view_{meta.model_name}"
-        return self.can_do(request, perm)
+        return self.can_do(
+            request, "view", app=meta.app_label, model_name=meta.model_name
+        )
+
+    def can_change(self, request):
+        return self.can_edit(request)
 
     def can_edit(self, request):
-        if not getattr(request.user, "ishtaruser", None):
-            return False
-        ishtaruser = request.user.ishtaruser
         meta = self.__class__._meta
-        perm = f"{meta.app_label}.change_{meta.model_name}"
-        if ishtaruser.has_permission(perm):
-            return True
-        own_perm = f"{meta.app_label}.change_own_{meta.model_name}"
-        if not ishtaruser.has_permission(own_perm):
-            return False
-        return self.is_own(ishtaruser)
+        return self.can_do(
+            request, "change", app=meta.app_label, model_name=meta.model_name
+        )
+
+    def can_delete(self, request):
+        meta = self.__class__._meta
+        return self.can_do(
+            request, "delete", app=meta.app_label, model_name=meta.model_name
+        )
 
-    def can_do(self, request, permission):
+    def can_do(self, request, permission, app=None, model_name=None):
         """
         Check permission availability for the current object.
         :param request: request object
         :param permission: action name eg: "archaelogical_finds.change_find" - "own"
-        variation is checked
+        variation is checked - can provide only simple permission (e.g. "change") if app
+        and model_name are provided
+        :param app: application name (if permission not fully provided)
+        :param model_name: model name (if permission not fully provided)
         :return: boolean
         """
         if not getattr(request.user, "ishtaruser", None):
             return False
 
-        if "_findbasket" in permission:
-            permission = permission.replace("basket", "")
+        if (app and not model_name) or (not app and model_name):
+            return False
+
+        if not app:
+            app, perm = permission.split(".")
+            p = perm.split("_")
+            permission = p[0]
+            model_name = ('_').join(p[1:])
+
+        if model_name == "findbasket":
+            model_name = "find"
+
         ishtaruser = request.user.ishtaruser
+        full_permission = f"{app}.{permission}_{model_name}"
 
-        if ishtaruser.has_permission(permission):
+        if ishtaruser.has_permission(full_permission):
             return True
-        app, perm = permission.split(".")
-        p = perm.split("_")
-        own = f"{app}.{p[0]}_own_{('_').join(p[1:])}"
+        own = f"{app}.{permission}_own_{model_name}"
         try:
             return ishtaruser.has_permission(own, self)
         except WrongAppError: