From 570cd2ceb82e6c65595f56f3fe27da5cd9b3d72d Mon Sep 17 00:00:00 2001 From: Étienne Loks Date: Wed, 28 May 2014 11:23:20 +0200 Subject: "Own" rights management (refs #1564) * fix own queries for operations and archaeological files * fix permission checking * tests --- ishtar_common/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ishtar_common') diff --git a/ishtar_common/views.py b/ishtar_common/views.py index 11351d7c0..0292021bf 100644 --- a/ishtar_common/views.py +++ b/ishtar_common/views.py @@ -230,7 +230,7 @@ def get_item(model, func_name, default_name, extra_request_keys=[], # if not specific any perm is relevant (read right) if specific_perms and perm not in specific_perms: continue - if request.user.has_perm(perm) \ + if request.user.has_perm(model._meta.app_label + '.' + perm) \ or (request.user.is_authenticated() and request.user.ishtaruser.has_right(perm)): allowed = True @@ -339,7 +339,7 @@ def get_item(model, func_name, default_name, extra_request_keys=[], break query = Q(**dct) if own: - query = query & model.get_query_own(request.user) + query = query & model.get_query_owns(request.user) for k, or_req in or_reqs: alt_dct = dct.copy() alt_dct.pop(k) -- cgit v1.2.3