py_tasks_melange: changeset 2178:1d27b489e7e4

Fixes access check for manage view. Added forgotten IsMyEntity check and fixed a bug introduced by a rename in r2816. Addresses Issue 584. Patch by: Lennard de Rijk Reviewed by: to-be-reviewed

--- a/app/soc/views/helper/access.py	Mon Apr 13 15:31:39 2009 +0000
+++ b/app/soc/views/helper/access.py	Mon Apr 13 16:31:36 2009 +0000
@@ -1475,8 +1475,9 @@
     """
 
     try:
-      # check if it is my role the user's own role
+      # check if it is the user's own role
       self.checkHasActiveRoleForScope(django_args, logic_for_role)
+      self.checkIsMyEntity(django_args, logic_for_role, 'user', True)
       return
     except out_of_band.Error:
       pass
@@ -1488,7 +1489,8 @@
         'scope_path': django_args['scope_path'],
         }
 
-    role_entity = role_logic.getFromKeyFieldsOr404(fields)
+    role_entity = logic_for_role.getFromKeyFieldsOr404(fields)
+
     if role_entity.status != 'active':
       raise out_of_band.AccessViolation(message_fmt=DEF_NO_ACTIVE_ROLE_MSG)

author	Lennard de Rijk <ljvderijk@gmail.com>
	Mon, 13 Apr 2009 16:31:36 +0000
changeset 2178	1d27b489e7e4
parent 2177	e2c193e1f631
child 2179	efc3a50a81ef