From c6ab2c0772a927cb03b39e85eac2dcdb9006896c Mon Sep 17 00:00:00 2001
From: Ivlev Denis <di-erz@yandex.ru>
Date: Thu, 15 Feb 2018 17:24:25 +0300
Subject: [PATCH] Fix user perms

---
 apps/course/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/course/views.py b/apps/course/views.py
index 7431cda4..2d409cf6 100644
--- a/apps/course/views.py
+++ b/apps/course/views.py
@@ -177,7 +177,7 @@ class CourseView(DetailView):
 
     def get(self, request, *args, **kwargs):
         response = super().get(request, *args, **kwargs)
-        if (self.object.status != Course.PUBLISHED and request.user.role not in [User.AUTHOR_ROLE, User.ADMIN_ROLE]) or self.object.author != request.user:
+        if (self.object.status != Course.PUBLISHED and request.user.role != User.ADMIN_ROLE) or (self.object.status != Course.PUBLISHED and request.user.role != User.AUTHOR_ROLE and self.object.author != request.user):
             raise Http404
         return response