From 12e4316ece39ed7b9e2cca828e70bfefaea89bff Mon Sep 17 00:00:00 2001 From: Étienne Loks Date: Tue, 28 Aug 2018 16:28:47 +0200 Subject: Catch non authification errors --- ishtar_common/utils.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'ishtar_common/utils.py') diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py index 94125ddb8..7d5c2ce3a 100644 --- a/ishtar_common/utils.py +++ b/ishtar_common/utils.py @@ -126,16 +126,18 @@ def check_model_access_control(request, model, available_perms=None): if not available_perms: available_perms = ['view_' + model.__name__.lower(), 'view_own_' + model.__name__.lower()] - if request.user.ishtaruser.has_right('administrator', - session=request.session): + try: + ishtaruser = request.user.ishtaruser + except request.user._meta.model.ishtaruser.RelatedObjectDoesNotExist: + return False, True + if ishtaruser.has_right('administrator', session=request.session): allowed = True own = False return allowed, own for perm, lbl in model._meta.permissions: if perm not in available_perms: continue - if request.user.ishtaruser.person.has_right( - perm, session=request.session): + if ishtaruser.person.has_right(perm, session=request.session): allowed = True if "_own_" not in perm: own = False -- cgit v1.2.3