Testing to whether a user can attach/unattach is now deferred to the model.

2026-03-04 02:01:01 -03:30 · 2013-03-23 14:31:36 -04:00
parent 4e7827829f
commit 0c9aa1a498
4 changed files with 42 additions and 12 deletions
--- a/lib/main/rbac.py
+++ b/lib/main/rbac.py
@@ -13,6 +13,7 @@ class CustomRbac(permissions.BasePermission):
        # no anonymous users
        if request.user.is_anonymous():
            # 401, not 403, hence no raised exception
+            print "PD4"
            return False
        # superusers are always good
        if request.user.is_superuser:
@@ -30,6 +31,7 @@ class CustomRbac(permissions.BasePermission):
                if request.user.is_superuser:
                    return True
                if not view.list_permissions_check(request):
+                    print "DEBUG: PD1"
                    raise PermissionDenied()
            elif not getattr(view, 'item_permissions_check', None):
                raise Exception("internal error, list_permissions_check or item_permissions_check must be defined")
@@ -42,9 +44,11 @@ class CustomRbac(permissions.BasePermission):
        if request.user.is_superuser:
            return True
        if not self._common_user_check(request):
+            print "DEBUG: PD2"
            return False
        if not obj.active:
            raise Http404()
        if not view.item_permissions_check(request, obj):
+            print "DEBUG: PD3"
            raise PermissionDenied()
        return True