Some permissions fixs and security for atomic vote

This commit is contained in:
2016-12-26 23:30:13 +01:00
parent 729659e358
commit 2f2d5292de
4 changed files with 34 additions and 16 deletions

View File

@ -128,7 +128,7 @@ class Candidature(models.Model):
election_list = models.ForeignKey(ElectionList, related_name='candidatures', verbose_name=_('election list'))
def can_be_edited_by(self, user):
return (user == self.user)
return (user == self.user) or user.can_edit(self.role.election)
def __str__(self):
return "%s : %s" % (self.role.title, self.user.username)