rezometz
/
re2o
mirror of https://gitlab.federez.net/re2o/re2o
8
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Fix history acl

release-2.9
Hugo Levy-Falk 5 years ago
committed by Gabriel Detraz
parent
360458541a
commit
f4c5101b35
1 changed files with 3 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      logs/views.py

4
logs/views.py
View File

@ -536,6 +536,8 @@ def get_history_object(request, model, object_name, object_id):
instance = None
if instance is None:
# TODO : THIS IS A DECORATOR, YOU CANNOT USE IT LIKE THIS. AS IT, IT
# WILL ALLOW ANYONE TO SEE THE HISTORY OF A DELETED OBJECT.
authorized = can_view_app("logs")
msg = None
else:
@ -581,7 +583,7 @@ def history(request, application, object_name, object_id):
raise Http404(_("No model found."))
authorized, instance = get_history_object(request, model, object_name, object_id)
if not can_view:
if not authorized:
return instance
history = get_history_class(model)

Write Preview
Loading…
Cancel
Save