From 8fc40c43d3b6194fcadf954980349eaa3a85c7d6 Mon Sep 17 00:00:00 2001 From: Ivlev Denis Date: Thu, 15 Mar 2018 15:13:46 +0300 Subject: [PATCH] Fix cource user perms --- apps/course/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/course/views.py b/apps/course/views.py index 68fd1b1a..caa3bd5f 100644 --- a/apps/course/views.py +++ b/apps/course/views.py @@ -185,7 +185,7 @@ class CourseView(DetailView): def get(self, request, *args, **kwargs): response = super().get(request, *args, **kwargs) context = self.get_context_data() - if not request.user.is_authenticated or (not request.user.is_authenticated and self.object.status != Course.PUBLISHED) or\ + if (not request.user.is_authenticated and self.object.status != Course.PUBLISHED) or\ (request.user.is_authenticated and request.user.role not in [User.AUTHOR_ROLE, User.ADMIN_ROLE] and self.object.author != request.user and self.only_lessons and not context['paid']): raise Http404 return response