From 6585c072ae415325c14a24c66f04c0a51a36008b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Norman=20J=C3=A4ckel?= Date: Tue, 19 Feb 2019 14:04:49 +0100 Subject: [PATCH] Fixed permission check for hidden and internal items. --- openslides/agenda/access_permissions.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/openslides/agenda/access_permissions.py b/openslides/agenda/access_permissions.py index f0dd12eb5..040ca3540 100644 --- a/openslides/agenda/access_permissions.py +++ b/openslides/agenda/access_permissions.py @@ -71,11 +71,13 @@ class ItemAccessPermissions(BaseAccessPermissions): data = [] for full in full_data: - if full["is_hidden"] and can_see_hidden: - # Same filtering for internal and hidden items - data.append( - filtered_data(full, blocked_keys_internal_hidden_case) - ) + if full["is_hidden"]: + if can_see_hidden: + # Same filtering for internal and hidden items + data.append( + filtered_data(full, blocked_keys_internal_hidden_case) + ) + # If can_see_hidden is false, the user (which is a non manager) can not see anything. elif full["is_internal"]: data.append( filtered_data(full, blocked_keys_internal_hidden_case)