rezometz
/
re2o
mirror of https://gitlab.federez.net/re2o/re2o
8
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Fix history acl

fix_multi_op_pref
Hugo Levy-Falk 5 years ago
committed by klafyvel
parent
73a4d2fa27
commit
b4ca715695
1 changed files with 3 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      logs/views.py

4
logs/views.py
View File

@ -536,6 +536,8 @@ def get_history_object(request, model, object_name, object_id):
instance = None instance = None
if instance is None: if instance is None:
# TODO : THIS IS A DECORATOR, YOU CANNOT USE IT LIKE THIS. AS IT, IT
# WILL ALLOW ANYONE TO SEE THE HISTORY OF A DELETED OBJECT.
authorized = can_view_app("logs") authorized = can_view_app("logs")
msg = None msg = None
else: else:
@ -581,7 +583,7 @@ def history(request, application, object_name, object_id):
raise Http404(_("No model found.")) raise Http404(_("No model found."))
authorized, instance = get_history_object(request, model, object_name, object_id) authorized, instance = get_history_object(request, model, object_name, object_id)
if not can_view: if not authorized:
return instance return instance
history = get_history_class(model) history = get_history_class(model)

Write Preview
Loading…
Cancel
Save