Próba naprawienia uprawnień.

diff --git a/apps/api/handlers/library_handlers.py b/apps/api/handlers/library_handlers.py
index f7d5784..607ac95 100644 (file)
--- a/apps/api/handlers/library_handlers.py
+++ b/apps/api/handlers/library_handlers.py
@@ -42,14 +42,14 @@ def check_user(request, user):
     log.info("user: %r, perm: %r" % (request.user, request.user.get_all_permissions()) )
     #pull request
     if is_prq(user):
-        if not request.user.has_perm('api.pullrequest.can_view'):
+        if not request.user.has_perm('api.view_prq'):
             yield response.AccessDenied().django_response({
                 'reason': 'access-denied',
                 'message': "You don't have enough priviliges to view pull requests."
             })
     # other users
     elif request.user.username != user:
-        if not request.user.has_perm('api.document.can_view_other'):
+        if not request.user.has_perm('api.view_other_document'):
             yield response.AccessDenied().django_response({
                 'reason': 'access-denied',
                 'message': "You don't have enough priviliges to view other people's document."
@@ -648,7 +648,7 @@ class MergeHandler(BaseHandler):
                     "message": "There are unresolved conflicts in your file. Fix them, and try again."
                 })
 
-            if not request.user.has_perm('api.document.can_share'):
+            if not request.user.has_perm('api.share_document'):
                 # User is not permitted to make a merge, right away
                 # So we instead create a pull request in the database
                 try:

diff --git a/apps/api/handlers/manage_handlers.py b/apps/api/handlers/manage_handlers.py
index 5905724..df32b8b 100644 (file)
--- a/apps/api/handlers/manage_handlers.py
+++ b/apps/api/handlers/manage_handlers.py
@@ -18,7 +18,7 @@ class PullRequestListHandler(BaseHandler):
     allowed_methods = ('GET',)
 
     def read(self, request):
-        if request.user.has_perm('api.pullrequest.can_change'):
+        if request.user.has_perm('change_pullrequest'):
             return PullRequest.objects.all()
         else:
             return PullRequest.objects.filter(commiter=request.user)
@@ -33,7 +33,7 @@ class PullRequestHandler(BaseHandler):
     def update(self, request, prq_id):
         """Change the status of request"""
 
-        if not request.user.has_perm('api.pullrequest.can_change'):
+        if not request.user.has_perm('change_pullrequest'):
             return AccessDenied().django_response("Insufficient priviliges")
         
         prq = PullRequest.objects.get(id=prq_id)

diff --git a/apps/api/models.py b/apps/api/models.py
index 90f962e..8252589 100644 (file)
--- a/apps/api/models.py
+++ b/apps/api/models.py
@@ -59,7 +59,7 @@ class PullRequest(models.Model):
 
     class Meta:
         permissions = (           
-            ("pullrequest.can_view", "Can view pull request's contents."),
+            ("view_prq", "Can view pull request's contents."),
         )
 
 
@@ -68,6 +68,6 @@ class PullRequest(models.Model):
 class Document(models.Model):
     class Meta:
         permissions = (
-            ("document.can_share", "Can share documents without pull requests."),
-            ("document.can_view_other", "Can view other's documents."),
+            ("share_document", "Can share documents without pull requests."),
+            ("view_other_document", "Can view other's documents."),
         )    
\ No newline at end of file