fix analytics permissions (cvat-ai#1608)

signatrix · Aug 3, 2020 · dd158b3 · dd158b3
1 parent 7a945b1
commit dd158b3
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -58,6 +58,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - A problem with mask to polygons conversion when polygons are too small (<https://github.com/opencv/cvat/pull/1581>)
 - Unable to upload video with uneven size (<https://github.com/opencv/cvat/pull/1594>)
 - Fixed an issue with `z_order` having no effect on segmentations (<https://github.com/opencv/cvat/pull/1589>)
+- Permission group whitelist check for analytics view (<https://github.com/opencv/cvat/pull/1608>)
 
 ### Security
 -

diff --git a/cvat/apps/log_viewer/admin.py b/cvat/apps/log_viewer/admin.py
diff --git a/cvat/apps/log_viewer/models.py b/cvat/apps/log_viewer/models.py
diff --git a/cvat/apps/log_viewer/tests.py b/cvat/apps/log_viewer/tests.py
diff --git a/cvat/apps/log_viewer/urls.py b/cvat/apps/log_viewer/urls.py
@@ -1,5 +1,5 @@
 
-# Copyright (C) 2018 Intel Corporation
+# Copyright (C) 2018-2020 Intel Corporation
 #
 # SPDX-License-Identifier: MIT
 
@@ -9,4 +9,3 @@
 urlpatterns = [
     path('<path:path>', views.LogViewerProxy.as_view())
 ]
-
diff --git a/cvat/apps/log_viewer/views.py b/cvat/apps/log_viewer/views.py
@@ -1,3 +1,7 @@
+# Copyright (C) 2018-2020 Intel Corporation
+#
+# SPDX-License-Identifier: MIT
+
 import os
 
 from revproxy.views import ProxyView
@@ -20,3 +24,8 @@ def get_request_headers(self):
         headers['X-Forwarded-User'] = headers['REMOTE_USER']
 
         return headers
+
+    # Returns True if the user has any of the specified permissions
+    def has_permission(self):
+        perms = self.get_permission_required()
+        return any(self.request.user.has_perm(perm) for perm in perms)