From 6f59b9e36a0971b3deb44562062a878eb26beedf Mon Sep 17 00:00:00 2001
From: Étienne Loks <etienne.loks@iggdrasil.net>
Date: Wed, 23 Oct 2024 18:51:15 +0200
Subject: ✨ permissions refactoring: generate permissions, adapt permissions
 checks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 archaeological_operations/views.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'archaeological_operations/views.py')

diff --git a/archaeological_operations/views.py b/archaeological_operations/views.py
index 7b6a56597..270411bfd 100644
--- a/archaeological_operations/views.py
+++ b/archaeological_operations/views.py
@@ -540,7 +540,10 @@ def get_relation_modify(model, model_relation, formset_class, url_name,
         except model.DoesNotExist:
             raise Http404()
         if "_own_" in current_right:
-            if not item.is_own(request.user):
+            if not request.user.has_perm(current_right, item):
+                raise PermissionDenied()
+        elif current_right:
+            if not request.user.has_perm(current_right):
                 raise PermissionDenied()
         relations = model_relation.objects.filter(left_record_id=pk).all()
         form_kwargs = {"left_record": item}
-- 
cgit v1.2.3