Implement related object ACL access check.

2015-08-14 14:50:55 -04:00
parent b632b69d08
commit ff97dd55e7
1 changed files with 4 additions and 1 deletions
--- a/mayan/apps/acls/managers.py
+++ b/mayan/apps/acls/managers.py
@@ -45,7 +45,7 @@ class AccessControlListManager(models.Manager):
            except self.model.DoesNotExist:
                return StoredPermission.objects.none()

-    def check_access(self, permissions, user, obj):
+    def check_access(self, permissions, user, obj, related=None):
        if user.is_superuser or user.is_staff:
            return True

@@ -56,6 +56,9 @@ class AccessControlListManager(models.Manager):
        except TypeError:
            stored_permissions = [permissions.stored_permission]

+        if related:
+            obj = getattr(obj, related)
+
        user_roles = []
        for group in user.groups.all():
            for role in group.roles.all():