allow users to only edit their own groups

j 2014-10-15 09:45:11 +00:00
parent ef0aca6acb
commit d599781d50


@ -559,6 +559,13 @@ def edit(request, data):
item.user = new_user
update_clips = True
del data['user']
if 'groups' in data:
if not request.user.get_profile().capability('canManageUsers'):
# Users wihtout canManageUsers can only add/remove groups they are not in
groups = set([g.name for g in item.groups.all()])
user_groups = set([g.name for g in request.user.groups.all()])
other_groups = list(groups - user_groups)
data['groups'] = [g for g in data['groups'] if g in user_groups] + other_groups
r = item.edit(data)
if r:
r.wait()
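Review bot: The comment on the new `canManageUsers` branch states the opposite of what the code enforces: the filter `if g in user_groups` lets the caller add or remove only groups they belong to, while `other_groups` carries the item's remaining groups over unchanged. Because this is the authorization rule for group edits, the comment should read `# Users without canManageUsers can only add/remove groups they are a member of; the item's other groups are preserved`. `data['groups']` is also used without a type check, so a string value would be iterated character by character and silently collapse to `other_groups`; rejecting non-list values before the filter would make that case explicit. `edit()` begins and ends outside the hunk, so whether the caller is permitted to edit this item at all cannot be confirmed from here.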