Commit 49a28a1d authored by Mikael Salson's avatar Mikael Salson Committed by Vidjil

sample_set_list.py: Users did not have the right to delete/modify sample set on main list

It appeared that between the sample_set/all and sample_set/index controller there was a difference in how
the permissions were checked. In the sample_set/index we used `auth.can_modify_sample_set` while in the
sample_set/all controller we used `auth.can_modify`. This is probably due to how permissions are handled
now (see #3077). Therefore I used the `can_modify_sample_set` function instead.

Fixes #3138
parent 8ac858b5
Pipeline #21397 failed with stages
in 29 seconds
......@@ -51,7 +51,7 @@ class SampleSetList():
self.elements[key.id].most_used_conf = ""
self.elements[key.id].groups = ""
self.elements[key.id].group_list = []
self.elements[key.id].has_permission = auth.can_modify(type, key.id)
self.elements[key.id].has_permission = auth.can_modify_sample_set(key.sample_set_id)
self.elements[key.id].anon_allowed = auth.can_view_info(type, key.id)
self.element_ids = self.elements.keys()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment