Commit 60d3e7246bfb32944394025016ab009c7e954a05
1 parent
b3d2cb1d
Exists in
master
and in
5 other branches
Permission to app file #128 #129 #130
Showing
2 changed files
with
23 additions
and
1 deletions
Show diff stats
| ... | ... | @@ -0,0 +1,22 @@ |
| 1 | +from rolepermissions.permissions import register_object_checker | |
| 2 | +from amadeus.roles import SystemAdmin | |
| 3 | + | |
| 4 | +@register_object_checker() | |
| 5 | +def edit_file(role, user, file): | |
| 6 | + if (role == SystemAdmin): | |
| 7 | + return True | |
| 8 | + | |
| 9 | + if (user in file.topic.subject.professors.all()): | |
| 10 | + return True | |
| 11 | + | |
| 12 | + return False | |
| 13 | + | |
| 14 | +@register_object_checker() | |
| 15 | +def delete_file(role, user, file): | |
| 16 | + if (role == SystemAdmin): | |
| 17 | + return True | |
| 18 | + | |
| 19 | + if (user in file.topic.subject.professors.all()): | |
| 20 | + return True | |
| 21 | + | |
| 22 | + return False | |
| 0 | 23 | \ No newline at end of file | ... | ... |
files/views.py
| ... | ... | @@ -181,7 +181,7 @@ class UpdateFile(LoginRequiredMixin, HasRoleMixin, LogMixin, generic.UpdateView) |
| 181 | 181 | |
| 182 | 182 | def dispatch(self, *args, **kwargs): |
| 183 | 183 | file = get_object_or_404(TopicFile, slug = self.kwargs.get('slug')) |
| 184 | - if(not has_object_permission('edit_file', self.request.user, file) or not(self.request.user in file.topic.subject.professors.all())): | |
| 184 | + if(not has_object_permission('edit_file', self.request.user, file) and not(self.request.user in file.topic.subject.professors.all())): | |
| 185 | 185 | return self.handle_no_permission() |
| 186 | 186 | return super(UpdateFile, self).dispatch(*args, **kwargs) |
| 187 | 187 | ... | ... |