rendered items should only be available to users that can edit them, fixes #1197

2013-07-23 11:38:50 +00:00 · 2013-07-23 11:38:50 +00:00 · 9491d68227
commit 9491d68227
parent 8466c054f2
2 changed files with 15 additions and 4 deletions
--- a/pandora/item/models.py
+++ b/pandora/item/models.py
@ -194,10 +194,15 @@ class Item(models.Model):
            level = 'guest'
        else:
            level = user.get_profile().get_level()
+        editable = self.editable(user)
+        if editable:
+            return True
+        if not self.rendered and settings.CONFIG.get('itemRequiresVideo'):
+            return False
        allowed_level = settings.CONFIG['capabilities']['canSeeItem'][level]
        if self.level <= allowed_level:
            return True
-        return self.editable(user)
+        return False

    def editable(self, user):
        if user.is_anonymous():