From 92b667786ebb776801e4e2c887d41efb671a08f1 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Wed, 15 Mar 2017 10:29:04 +0100 Subject: [PATCH] manager: fix view permissions (fixes #15614) View.permissions must be a list. --- src/authentic2/manager/ou_views.py | 2 +- src/authentic2/manager/role_views.py | 12 ++++++------ src/authentic2/manager/user_views.py | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/authentic2/manager/ou_views.py b/src/authentic2/manager/ou_views.py index eabb89a..f7656ff 100644 --- a/src/authentic2/manager/ou_views.py +++ b/src/authentic2/manager/ou_views.py @@ -18,7 +18,7 @@ listing = OrganizationalUnitView.as_view() class OrganizationalUnitAddView(views.BaseAddView): model = get_ou_model() - permissions = 'a2_rbac.add_organizationalunit' + permissions = ['a2_rbac.add_organizationalunit'] form_class = forms.OUEditForm def get_success_url(self): diff --git a/src/authentic2/manager/role_views.py b/src/authentic2/manager/role_views.py index 5764078..fe8e06f 100644 --- a/src/authentic2/manager/role_views.py +++ b/src/authentic2/manager/role_views.py @@ -237,7 +237,7 @@ class RoleAddChildView(views.AjaxFormViewMixin, views.TitleMixin, form_class = forms.RolesForm success_url = '..' template_name = 'authentic2/manager/form.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() @@ -279,7 +279,7 @@ class RoleRemoveChildView(views.AjaxFormViewMixin, SingleObjectMixin, model = get_role_model() success_url = '../..' template_name = 'authentic2/manager/role_remove_child.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() @@ -333,7 +333,7 @@ class RoleAddAdminRoleView(views.AjaxFormViewMixin, views.TitleMixin, form_class = forms.RolesForm success_url = '..' template_name = 'authentic2/manager/form.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() @@ -353,7 +353,7 @@ class RoleRemoveAdminRoleView(views.TitleMixin, views.AjaxFormViewMixin, SingleO model = get_role_model() success_url = '../..' template_name = 'authentic2/manager/role_remove_admin_role.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() @@ -379,7 +379,7 @@ class RoleAddAdminUserView(views.AjaxFormViewMixin, views.TitleMixin, form_class = forms.UsersForm success_url = '..' template_name = 'authentic2/manager/form.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() @@ -399,7 +399,7 @@ class RoleRemoveAdminUserView(views.TitleMixin, views.AjaxFormViewMixin, SingleO model = get_role_model() success_url = '../..' template_name = 'authentic2/manager/role_remove_admin_user.html' - permissions = 'a2_rbac.change_role' + permissions = ['a2_rbac.change_role'] def dispatch(self, request, *args, **kwargs): self.object = self.get_object() diff --git a/src/authentic2/manager/user_views.py b/src/authentic2/manager/user_views.py index 9b610f7..c47b51d 100644 --- a/src/authentic2/manager/user_views.py +++ b/src/authentic2/manager/user_views.py @@ -33,7 +33,7 @@ class UsersView(HideOUColumnMixin, BaseTableView): template_name = 'authentic2/manager/users.html' model = get_user_model() table_class = UserTable - permissions = 'custom_user.view_user' + permissions = ['custom_user.view_user'] search_form_class = UserSearchForm def is_ou_specified(self): -- 2.1.4