Fix link related object ACL resolution. GitLab issue #274. Thanks to Baptiste GAILLET @bat79a.

mayan/apps/acls/links.py

@@ -23,8 +23,9 @@ def get_kwargs_factory(variable_name):
 
 
 link_acl_delete = Link(
-    permissions=(permission_acl_edit,), tags='dangerous', text=_('Delete'),
-    view='acls:acl_delete', args='resolved_object.pk'
+    permissions=(permission_acl_edit,), permissions_related='content_object',
+    tags='dangerous', text=_('Delete'), view='acls:acl_delete',
+    args='resolved_object.pk'
 )
 link_acl_list = Link(
     permissions=(permission_acl_view,), text=_('ACLs'), view='acls:acl_list',
@@ -35,6 +36,7 @@ link_acl_create = Link(
     view='acls:acl_create', kwargs=get_kwargs_factory('resolved_object')
 )
 link_acl_permissions = Link(
-    permissions=(permission_acl_edit,), text=_('Permissions'),
-    view='acls:acl_permissions', args='resolved_object.pk'
+    permissions=(permission_acl_edit,), permissions_related='content_object',
+    text=_('Permissions'), view='acls:acl_permissions',
+    args='resolved_object.pk'
 )

mayan/apps/acls/tests/test_links.py

@@ -0,0 +1,103 @@
+from __future__ import unicode_literals
+
+from django.contrib.contenttypes.models import ContentType
+from django.core.urlresolvers import reverse
+
+from documents.tests.test_views import GenericDocumentViewTestCase
+from user_management.tests.literals import (
+    TEST_USER_PASSWORD, TEST_USER_USERNAME
+)
+
+from ..links import (
+    link_acl_delete, link_acl_list, link_acl_create, link_acl_permissions
+)
+from ..models import AccessControlList
+from ..permissions import permission_acl_edit, permission_acl_view
+
+
+class ACLsLinksTestCase(GenericDocumentViewTestCase):
+    def test_document_acl_create_link(self):
+        acl = AccessControlList.objects.create(
+            content_object=self.document, role=self.role
+        )
+
+        acl.permissions.add(permission_acl_edit.stored_permission)
+        self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
+
+        self.add_test_view(test_object=self.document)
+        context = self.get_test_view()
+        resolved_link = link_acl_create.resolve(context=context)
+
+        self.assertNotEqual(resolved_link, None)
+
+        content_type = ContentType.objects.get_for_model(self.document)
+        kwargs = {
+            'app_label': content_type.app_label,
+            'model': content_type.model,
+            'object_id': self.document.pk
+        }
+
+        self.assertEqual(
+            resolved_link.url, reverse('acls:acl_create', kwargs=kwargs)
+        )
+
+    def test_document_acl_delete_link(self):
+        acl = AccessControlList.objects.create(
+            content_object=self.document, role=self.role
+        )
+
+        acl.permissions.add(permission_acl_edit.stored_permission)
+        self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
+
+        self.add_test_view(test_object=acl)
+        context = self.get_test_view()
+        resolved_link = link_acl_delete.resolve(context=context)
+
+        self.assertNotEqual(resolved_link, None)
+
+        self.assertEqual(
+            resolved_link.url, reverse('acls:acl_delete', args=(acl.pk,))
+        )
+
+    def test_document_acl_edit_link(self):
+        acl = AccessControlList.objects.create(
+            content_object=self.document, role=self.role
+        )
+
+        acl.permissions.add(permission_acl_edit.stored_permission)
+        self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
+
+        self.add_test_view(test_object=acl)
+        context = self.get_test_view()
+        resolved_link = link_acl_permissions.resolve(context=context)
+
+        self.assertNotEqual(resolved_link, None)
+
+        self.assertEqual(
+            resolved_link.url, reverse('acls:acl_permissions', args=(acl.pk,))
+        )
+
+    def test_document_acl_list_link(self):
+        acl = AccessControlList.objects.create(
+            content_object=self.document, role=self.role
+        )
+
+        acl.permissions.add(permission_acl_view.stored_permission)
+        self.login(username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD)
+
+        self.add_test_view(test_object=self.document)
+        context = self.get_test_view()
+        resolved_link = link_acl_list.resolve(context=context)
+
+        self.assertNotEqual(resolved_link, None)
+
+        content_type = ContentType.objects.get_for_model(self.document)
+        kwargs = {
+            'app_label': content_type.app_label,
+            'model': content_type.model,
+            'object_id': self.document.pk
+        }
+
+        self.assertEqual(
+            resolved_link.url, reverse('acls:acl_list', kwargs=kwargs)
+        )

mayan/apps/navigation/classes.py

@@ -212,6 +212,7 @@ class Link(object):
         self.keep_query = keep_query
         self.kwargs = kwargs or {}
         self.permissions = permissions or []
+        self.permissions_related = permissions_related
         self.remove_from_query = remove_from_query or []
         self.tags = tags
         self.text = text
@@ -246,7 +247,7 @@ class Link(object):
                     try:
                         AccessControlList.objects.check_access(
                             self.permissions, request.user, resolved_object,
-                            related=getattr(self, 'permissions_related', None)
+                            related=self.permissions_related
                         )
                     except PermissionDenied:
                         return None