Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed access related bugs
authorSverre Rabbelier <srabbelier@gmail.com>
Mon, 02 Feb 2009 13:59:07 +0000
changeset 1176 c211191e7d81
parent 1175 b39345efab20
child 1177 53c802c2a2e2
Fixed access related bugs Patch by: Sverre Rabbelier
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions
app/soc/views/models/club_app.py file | annotate | diff | comparison | revisions
app/soc/views/models/notification.py file | annotate | diff | comparison | revisions
app/soc/views/models/role.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Mon Feb 02 13:48:15 2009 +0000
+++ b/app/soc/views/helper/access.py	Mon Feb 02 13:59:07 2009 +0000
@@ -592,7 +592,7 @@
         'status': 'group_accepted',
         }
 
-    entity = request_logic.getFromFields(fields)
+    entity = request_logic.getForFields(fields, unique=True)
 
     if entity and (entity.scope.status not in ['invalid', 'inactive']):
       return
@@ -682,7 +682,7 @@
 
     fields = {
         'link_id': django_args['link_id'],
-        field_name: self.user,
+        field_name: self.user.key().name(),
         }
 
     entity = logic.getForFields(fields)
--- a/app/soc/views/models/club_app.py	Mon Feb 02 13:48:15 2009 +0000
+++ b/app/soc/views/models/club_app.py	Mon Feb 02 13:59:07 2009 +0000
@@ -50,10 +50,10 @@
 
     rights = access.Checker(params)
     rights['create'] = ['checkIsUser']
-    rights['delete'] = [('checkIsMyEntity', [club_app_logic, 'applicant'])]
-    rights['edit'] = [('checkIsMyEntity', [club_app_logic, 'applicant'])]
+    rights['delete'] = [('checkIsMyEntity', [club_app_logic.logic, 'applicant'])]
+    rights['edit'] = [('checkIsMyEntity', [club_app_logic.logic, 'applicant'])]
     rights['list'] = ['checkIsUser']
-    rights['public'] = [('checkIsMyEntity', [club_app_logic, 'applicant'])]
+    rights['public'] = [('checkIsMyEntity', [club_app_logic.logic, 'applicant'])]
     rights['review'] = [('checkHasRole', host_logic.logic)]
 
     new_params = {}
--- a/app/soc/views/models/notification.py	Mon Feb 02 13:48:15 2009 +0000
+++ b/app/soc/views/models/notification.py	Mon Feb 02 13:59:07 2009 +0000
@@ -85,7 +85,7 @@
     rights = access.Checker(params)
     rights['unspecified'] = ['deny']
     rights['edit'] = ['deny']
-    rights['show'] = [('checkIsMyEntity', notification_logic)]
+    rights['show'] = [('checkIsMyEntity', [notification_logic, 'scope_path'])]
     rights['delete'] = [('checkIsMyEntity', notification_logic)]
     rights['list'] = ['checkIsUser']
     # create is developer only for the time being to test functionality
--- a/app/soc/views/models/role.py	Mon Feb 02 13:48:15 2009 +0000
+++ b/app/soc/views/models/role.py	Mon Feb 02 13:59:07 2009 +0000
@@ -120,9 +120,9 @@
 
     new_params['create_extra_dynafields'] = {
        'latitude':forms.fields.FloatField(widget=forms.HiddenInput,
-          required=False),
+                                          required=False),
        'longitude': forms.fields.FloatField(widget=forms.HiddenInput,
-          required=False),
+                                            required=False),
        'clean_link_id': cleaning.clean_existing_user('link_id'),
        'clean_home_page': cleaning.clean_url('home_page'),
        'clean_blog': cleaning.clean_url('blog'),
py_tasks_melange