matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More detailed logging for permissions checks - see #321

Browse Source 
Signed-off-by: Roger Hunwicks <roger@tonic-solutions.com>
This commit is contained in:
Roger Hunwicks
2017-02-23 16:22:21 +02:00
parent 6e1cf57079
commit ed0145cc1c
3 changed files with 36 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
mayan/apps/permissions/models.py
View File

@@ -46,17 +46,25 @@ class StoredPermission(models.Model):
verbose_name_plural = _('Permissions')
def requester_has_this(self, user):
logger.debug('user: %s', user)
if user.is_superuser or user.is_staff:
logger.debug('Permission "%s" granted to user "%s" as superuser or staff',
self,
user)
return True
# Request is one of the permission's holders?
for group in user.groups.all():
for role in group.roles.all():
if self in role.permissions.all():
logger.debug('Permission "%s" granted to user "%s" through role "%s"',
self,
user,
role)
return True
logger.debug('Fallthru')
logger.debug('Fallthru: Permission "%s" not granted to user "%s"',
self,
user)
return False