From 652982941ac11b0fb736b8da917cc26a84abd0fe Mon Sep 17 00:00:00 2001
From: Hugo Levy-Falk <klafyvel@gmail.com>
Date: Fri, 28 Aug 2020 21:53:10 +0100
Subject: [PATCH] Fix can_view_app

---
 api/acl.py         |  2 +-
 cotisations/acl.py |  2 +-
 logs/acl.py        |  7 +++----
 machines/acl.py    |  5 ++---
 preferences/acl.py |  5 ++---
 re2o/utils.py      | 21 +++++++++++++++------
 search/acl.py      |  2 +-
 topologie/acl.py   |  2 +-
 users/acl.py       |  2 +-
 9 files changed, 27 insertions(+), 21 deletions(-)

diff --git a/api/acl.py b/api/acl.py
index 490b88c7..181105c9 100644
--- a/api/acl.py
+++ b/api/acl.py
@@ -56,7 +56,7 @@ def _create_api_permission():
 _create_api_permission()
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
diff --git a/cotisations/acl.py b/cotisations/acl.py
index 07db6929..01c685e3 100644
--- a/cotisations/acl.py
+++ b/cotisations/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
diff --git a/logs/acl.py b/logs/acl.py
index 42000ea8..3c94426e 100644
--- a/logs/acl.py
+++ b/logs/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
@@ -41,7 +41,6 @@ def can_view(user):
     can = user.has_module_perms("admin")
     return (
         can,
-        None if can else _("You don't have the right to view this"
-                           " application."),
-        "admin",
+        None if can else _("You don't have the right to view this" " application."),
+        ("logs",),
     )
diff --git a/machines/acl.py b/machines/acl.py
index 1989a788..e8b97c62 100644
--- a/machines/acl.py
+++ b/machines/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
@@ -41,7 +41,6 @@ def can_view(user):
     can = user.has_module_perms("machines")
     return (
         can,
-        None if can else _("You don't have the right to view this"
-                           " application."),
+        None if can else _("You don't have the right to view this" " application."),
         ("machines",),
     )
diff --git a/preferences/acl.py b/preferences/acl.py
index e1b47faf..ef647029 100644
--- a/preferences/acl.py
+++ b/preferences/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
@@ -41,7 +41,6 @@ def can_view(user):
     can = user.has_module_perms("preferences")
     return (
         can,
-        None if can else _("You don't have the right to view this"
-                           " application."),
+        None if can else _("You don't have the right to view this" " application."),
         ("preferences",),
     )
diff --git a/re2o/utils.py b/re2o/utils.py
index 7d43e883..baff6964 100644
--- a/re2o/utils.py
+++ b/re2o/utils.py
@@ -38,7 +38,7 @@ from __future__ import unicode_literals
 
 from django.utils import timezone
 from django.db.models import Q
-from django.contrib.auth.models import Permission
+from django.contrib.auth.models import Permission, Group
 
 from cotisations.models import Cotisation, Facture, Vente
 from machines.models import Interface, Machine
@@ -58,11 +58,20 @@ def get_group_having_permission(*permission_name):
     """
     groups = set()
     for name in permission_name:
-        app_label, codename = name.split(".")
-        permission = Permission.objects.get(
-            content_type__app_label=app_label, codename=codename
-        )
-        groups = groups.union(permission.group_set.all())
+        if "." in name:
+            app_label, codename = name.split(".")
+            permission = Permission.objects.get(
+                content_type__app_label=app_label, codename=codename
+            )
+            groups = groups.union(permission.group_set.all())
+        else:
+            groups = groups.union(
+                Group.objects.filter(
+                    permissions__in=Permission.objects.filter(
+                        content_type__app_label="users"
+                    )
+                ).distinct()
+            )
     return groups
 
 
diff --git a/search/acl.py b/search/acl.py
index 3eee656a..d85914f9 100644
--- a/search/acl.py
+++ b/search/acl.py
@@ -27,7 +27,7 @@ Here are defined some functions to check acl on the application.
 """
 
 
-def can_view(_user):
+def can_view(*args, **kwargs):
     """Check if an user can view the application.
 
     Args:
diff --git a/topologie/acl.py b/topologie/acl.py
index d1aa6a0d..c17073d0 100644
--- a/topologie/acl.py
+++ b/topologie/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args:
diff --git a/users/acl.py b/users/acl.py
index d66b3d2c..6dce7807 100644
--- a/users/acl.py
+++ b/users/acl.py
@@ -28,7 +28,7 @@ Here are defined some functions to check acl on the application.
 from django.utils.translation import ugettext as _
 
 
-def can_view(user):
+def can_view(user, *args, **kwargs):
     """Check if an user can view the application.
 
     Args: