Mercurial > p > roundup > code

diff website/issues/extensions/templating.py @ 6478:a35d4e0c4e07

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix permissions check. Use role not perm check.
author John Rouillard <rouilj@ieee.org>
date Mon, 30 Aug 2021 16:17:46 -0400
parents 0ecfa817299b
children bc95f7431efb
line wrap: on
line diff
--- a/website/issues/extensions/templating.py	Mon Aug 30 15:53:00 2021 -0400
+++ b/website/issues/extensions/templating.py	Mon Aug 30 16:17:46 2021 -0400
@@ -102,7 +102,7 @@
     info.append(get_status_of_module('jinja2') + "<br>")
 
     uid = db._db.getuid()
-    if uid == "1" or db._db.security.hasPermission("Admin", uid):
+    if uid == "1" or db._db.user.has_role(uid,"Admin"):
         #may leak sensitive info about system, directory paths etc.
         #and keys so require admin user access. Consider expanding
         #to Admin rights for tracker.
Roundup Issue Tracker: http://roundup-tracker.org/