From ebe76c83c7d546425d302cc5b92e2ec3886c5bca Mon Sep 17 00:00:00 2001
From: Krophil <pierre.brunet@krophil.fr>
Date: Mon, 27 Feb 2017 01:09:50 +0100
Subject: [PATCH] fix permissions

---
 accounting/models.py | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/accounting/models.py b/accounting/models.py
index 7371bff0..f4ea5c73 100644
--- a/accounting/models.py
+++ b/accounting/models.py
@@ -187,6 +187,16 @@ class GeneralJournal(models.Model):
             return True
         return False
 
+    def can_be_edited_by(self, user):
+        """
+        Method to see if that object can be edited by the given user
+        """
+        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+            return True
+        if self.club_account.can_be_edited_by(user):
+            return True
+        return False
+
     def can_be_viewed_by(self, user):
         return self.club_account.can_be_edited_by(user)
 
@@ -291,7 +301,7 @@ class Operation(models.Model):
         if self.journal.closed:
             return False
         m = self.journal.club_account.club.get_membership_for(user)
-        if m is not None and m.role >= 7:
+        if m is not None and m.role >= settings.SITH_CLUB_ROLES_ID['Treasurer']:
             return True
         return False
 
@@ -299,7 +309,12 @@ class Operation(models.Model):
         """
         Method to see if that object can be edited by the given user
         """
-        if self.is_owned_by(user):
+        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+            return True
+        if self.journal.closed:
+            return False
+        m = self.journal.club_account.club.get_membership_for(user)
+        if m is not None and m.role == settings.SITH_CLUB_ROLES_ID['Treasurer']:
             return True
         return False