Corrected verification of manager permissions
authorThierry Florac <tflorac@ulthar.net>
Fri, 14 Dec 2018 11:30:56 +0100
changeset 1169 04cf19b3985f
parent 1168 3b177d6db9db
child 1170 49cba50f36cb
Corrected verification of manager permissions
src/pyams_content/workflow/__init__.py
--- a/src/pyams_content/workflow/__init__.py	Fri Dec 14 11:12:11 2018 +0100
+++ b/src/pyams_content/workflow/__init__.py	Fri Dec 14 11:30:56 2018 +0100
@@ -12,31 +12,27 @@
 
 __docformat__ = 'restructuredtext'
 
-
-# import standard library
 from datetime import datetime
 
-# import interfaces
-from pyams_content.interfaces import MANAGE_SITE_ROOT_PERMISSION, MANAGE_CONTENT_PERMISSION, \
-    PUBLISH_CONTENT_PERMISSION, CREATE_CONTENT_PERMISSION
-from pyams_content.interfaces import WEBMASTER_ROLE, PILOT_ROLE, MANAGER_ROLE, OWNER_ROLE, READER_ROLE
-from pyams_content.shared.common.interfaces import IWfSharedContentRoles, IManagerRestrictions
-from pyams_content.workflow.interfaces import IContentWorkflow
-from pyams_security.interfaces import IRoleProtectedObject
-from pyams_workflow.interfaces import ObjectClonedEvent, IWorkflow, IWorkflowVersions, IWorkflowInfo, \
-    IWorkflowState, IWorkflowStateLabel, IWorkflowPublicationInfo, AUTOMATIC, SYSTEM
-
-# import packages
-from pyams_utils.adapter import adapter_config, ContextAdapter
-from pyams_utils.date import format_datetime
-from pyams_utils.registry import utility_config
-from pyams_utils.request import check_request
-from pyams_workflow.workflow import Transition, Workflow
 from pyramid.threadlocal import get_current_registry
 from zope.copy import copy
 from zope.interface import implementer
 from zope.location import locate
-from zope.schema.vocabulary import SimpleVocabulary, SimpleTerm
+from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary
+
+from pyams_content.interfaces import CREATE_CONTENT_PERMISSION, MANAGE_CONTENT_PERMISSION, MANAGE_SITE_ROOT_PERMISSION, \
+    PUBLISH_CONTENT_PERMISSION
+from pyams_content.interfaces import MANAGER_ROLE, OWNER_ROLE, PILOT_ROLE, READER_ROLE, WEBMASTER_ROLE
+from pyams_content.shared.common.interfaces import IManagerRestrictions, IWfSharedContentRoles
+from pyams_content.workflow.interfaces import IContentWorkflow
+from pyams_security.interfaces import IRoleProtectedObject
+from pyams_utils.adapter import ContextAdapter, adapter_config
+from pyams_utils.date import format_datetime
+from pyams_utils.registry import utility_config
+from pyams_utils.request import check_request
+from pyams_workflow.interfaces import AUTOMATIC, IWorkflow, IWorkflowInfo, IWorkflowPublicationInfo, IWorkflowState, \
+    IWorkflowStateLabel, IWorkflowVersions, ObjectClonedEvent, SYSTEM
+from pyams_workflow.workflow import Transition, Workflow
 
 from pyams_content import _
 
@@ -169,7 +165,7 @@
         return True
     # grant access to shared tool managers if restrictions apply
     restrictions = IManagerRestrictions(context).get_restrictions(principal_id)
-    return restrictions and restrictions.check_access(context, permission=CREATE_CONTENT_PERMISSION, request=request)
+    return restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION, request=request)
 
 
 def can_delete_version(wf, context):