# HG changeset patch # User cavaliet # Date 1365775174 -7200 # Node ID d9ab25b8cbf71d8c70c36a325f5aabf9204663ac # Parent 37b61ab57475a24e087edfcb56d6970fef6fb1b7 small and essential correction. (and remove logs) diff -r 37b61ab57475 -r d9ab25b8cbf7 src/ldt/ldt/security/permissionchecker.py --- a/src/ldt/ldt/security/permissionchecker.py Fri Apr 12 13:09:26 2013 +0200 +++ b/src/ldt/ldt/security/permissionchecker.py Fri Apr 12 15:59:34 2013 +0200 @@ -2,10 +2,11 @@ from django.contrib.auth.models import Permission from guardian.models import UserObjectPermission, GroupObjectPermission -import logging -logger = logging.getLogger(__name__) def check_object_perm_for_user(obj, perm_name, user): + # If user is admin... + if user.is_staff: + return True # Guardian has_perm request is REALLY long and not optimized. # So we check manually the change_project permission for the user and the user's groups # Get necessary datas @@ -15,33 +16,19 @@ can_change = False # Check for the user try: - logger.debug("COUCOU 5-2") uop = UserObjectPermission.objects.get(user=user, content_type=content_type, permission=perm, object_pk=obj.pk) - logger.debug("COUCOU 5-3") if uop: - logger.debug("COUCOU 5-4") can_change = True - logger.debug("COUCOU 5-5") except: - logger.debug("COUCOU 5-6") can_change = False - logger.debug("COUCOU 5-7 can_change =") - logger.debug(can_change) # Check for user's groups if necessary if not can_change: try: - logger.debug("COUCOU G-2") gop = GroupObjectPermission.objects.filter(group__user=user, content_type=content_type, permission=perm, object_pk=obj.pk) - logger.debug("COUCOU G-3") if gop and len(gop)>0: - logger.debug("COUCOU G-4") can_change = True - logger.debug("COUCOU G-5") except: - logger.debug("COUCOU G-6") can_change = False - logger.debug("COUCOU G-7 can_change =") - logger.debug(can_change) # End return can_change \ No newline at end of file