Commit 836d68fb authored by Gabriel Detraz's avatar Gabriel Detraz Committed by root

Bug dans les checks d'acl : suppression de droits et gestion sur profil

parent dd4a695d
......@@ -78,8 +78,8 @@ def can_edit(model, *field_list):
kwargs={'userid':str(request.user.id)}
))
for field in field_list:
can_create = getattr(model, 'can_change_' + field)
can, msg = can_create(instance, request.user, *args, **kwargs)
can_change = getattr(model, 'can_change_' + field)
can, msg = can_change(request.user, *args, **kwargs)
if not can:
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse('users:profil',
......@@ -97,8 +97,8 @@ def can_change(model, *field_list):
def decorator(view):
def wrapper(request, *args, **kwargs):
for field in field_list:
can_create = getattr(model, 'can_change_' + field)
can, msg = can_create(request.user, *args, **kwargs)
can_change = getattr(model, 'can_change_' + field)
can, msg = can_change(request.user, *args, **kwargs)
if not can:
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse('users:profil',
......
......@@ -274,7 +274,7 @@ def password(request, user, userid):
@login_required
@can_edit(User)
@can_edit(User, 'groups')
def del_group(request, user, userid, listrightid):
with transaction.atomic(), reversion.create_revision():
user.groups.remove(ListRight.objects.get(id=listrightid))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment