CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Fix time machine permission via pretix_event_access sessions for staff users (#4160)

Browse Source
This commit is contained in:
Mira
2024-05-22 13:13:50 +02:00
committed by GitHub
parent e2800019f6
commit 49c4cc639f
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/pretix/base/timemachine.py
View File

@@ -81,5 +81,6 @@ def has_time_machine_permission(request, event):
) or ( ) or (
getattr(request, 'event_access_user', None) and getattr(request, 'event_access_user', None) and
request.event_access_user.is_authenticated and request.event_access_user.is_authenticated and
request.event_access_user.has_event_permission(request.organizer, request.event, permission, request=request) request.event_access_user.has_event_permission(request.organizer, request.event, permission,
session_key=request.event_access_parent_session_key)
) )

1
src/pretix/presale/utils.py
View File

@@ -339,6 +339,7 @@ def _detect_event(request, require_live=True, require_plugin=None):
request.organizer, request.event, session_key=parent_session_key): request.organizer, request.event, session_key=parent_session_key):
can_access = True can_access = True
request.event_access_user = user request.event_access_user = user
request.event_access_parent_session_key = parent_session_key
if not can_access and not request.event.live: if not can_access and not request.event.live:
# Directly construct view instead of just calling `raise` since this case is so common that we # Directly construct view instead of just calling `raise` since this case is so common that we