From e737af50816cde844e25bea2eeeff885e5a7f763 Mon Sep 17 00:00:00 2001
From: Étienne Loks <etienne.loks@iggdrasil.net>
Date: Wed, 17 May 2017 21:36:00 +0200
Subject: Document generation: check permission - test

---
 archaeological_operations/views.py | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'archaeological_operations/views.py')

diff --git a/archaeological_operations/views.py b/archaeological_operations/views.py
index 545f42b89..7f77eb694 100644
--- a/archaeological_operations/views.py
+++ b/archaeological_operations/views.py
@@ -449,6 +449,10 @@ def administrativeactfile_document(
             AdministrativeActTreatmentFileFormSelection
         search_form = AdministrativeActTreatmentFileFormSelection
         document_type = 'TF'
+
+    if not request.user.has_perm('view_administrativeact',
+                                 models.AdministrativeAct):
+        return HttpResponse(content_type='text/plain')
     dct = {}
     if request.POST:
         dct['search_form'] = search_form(request.POST)
-- 
cgit v1.2.3