From 836d68fb7eb529f58fae59728ca5651f64797229 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Mon, 1 Jan 2018 17:31:46 +0100 Subject: [PATCH] Bug dans les checks d'acl : suppression de droits et gestion sur profil --- re2o/acl.py | 8 ++++---- users/views.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/re2o/acl.py b/re2o/acl.py index bfacd573..bea27251 100644 --- a/re2o/acl.py +++ b/re2o/acl.py @@ -78,8 +78,8 @@ def can_edit(model, *field_list): kwargs={'userid':str(request.user.id)} )) for field in field_list: - can_create = getattr(model, 'can_change_' + field) - can, msg = can_create(instance, request.user, *args, **kwargs) + can_change = getattr(model, 'can_change_' + field) + can, msg = can_change(request.user, *args, **kwargs) if not can: messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu") return redirect(reverse('users:profil', @@ -97,8 +97,8 @@ def can_change(model, *field_list): def decorator(view): def wrapper(request, *args, **kwargs): for field in field_list: - can_create = getattr(model, 'can_change_' + field) - can, msg = can_create(request.user, *args, **kwargs) + can_change = getattr(model, 'can_change_' + field) + can, msg = can_change(request.user, *args, **kwargs) if not can: messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu") return redirect(reverse('users:profil', diff --git a/users/views.py b/users/views.py index bc7e7137..600c472e 100644 --- a/users/views.py +++ b/users/views.py @@ -274,7 +274,7 @@ def password(request, user, userid): @login_required -@can_edit(User) +@can_edit(User, 'groups') def del_group(request, user, userid, listrightid): with transaction.atomic(), reversion.create_revision(): user.groups.remove(ListRight.objects.get(id=listrightid))