Merge remote-tracking branch 'upstream/master'

2024-08-30 18:33:04 +00:00 · 2021-10-12 18:54:51 +05:30 · 2021-10-12 18:54:51 +05:30 · f4239fbfd3
commit f4239fbfd3
parent beadfb4659 2990dbf512
6 changed files with 10 additions and 7 deletions
--- a/.github/workflows/docker_latest.yaml
+++ b/.github/workflows/docker_latest.yaml
@ -34,7 +34,6 @@ jobs:
          platforms: linux/amd64,linux/arm64,linux/arm/v7
          push: true
          target: production
-          repository: inventree/inventree
          tags: inventree/inventree:latest
      - name: Image Digest
        run: echo ${{ steps.docker_build.outputs.digest }}
--- a/.github/workflows/docker_stable.yaml
+++ b/.github/workflows/docker_stable.yaml
@ -37,7 +37,6 @@ jobs:
          target: production
          build-args:
            branch: stable
-          repository: inventree/inventree
          tags: inventree/inventree:stable
      - name: Image Digest
        run: echo ${{ steps.docker_build.outputs.digest }}
--- a/.github/workflows/docker_tag.yaml
+++ b/.github/workflows/docker_tag.yaml
@ -35,5 +35,4 @@ jobs:
          target: production
          build-args:
            tag: ${{ github.event.release.tag_name }}
-          repository: inventree/inventree
          tags: inventree/inventree:${{ github.event.release.tag_name }}
--- a/InvenTree/InvenTree/metadata.py
+++ b/InvenTree/InvenTree/metadata.py
@ -72,7 +72,10 @@ class InvenTreeMetadata(SimpleMetadata):

                # Remove any HTTP methods that the user does not have permission for
                for method, permission in rolemap.items():
-                    if method in actions and not check(user, table, permission):
+
+                    result = check(user, table, permission)
+
+                    if method in actions and not result:
                        del actions[method]

                # Add a 'DELETE' action if we are allowed to delete
--- a/InvenTree/InvenTree/test_api.py
+++ b/InvenTree/InvenTree/test_api.py
@ -296,9 +296,9 @@ class APITests(InvenTreeAPITestCase):

        actions = self.getActions(url)

-        # 'add' permission does not apply here!
-        self.assertEqual(len(actions), 1)
+        self.assertEqual(len(actions), 2)
        self.assertIn('PUT', actions.keys())
+        self.assertIn('GET', actions.keys())

        # Add some other permissions
        self.assignRole('part.change')
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@ -216,7 +216,10 @@ class RuleSet(models.Model):
                    return True

        # Print message instead of throwing an error
-        logger.info(f"User '{user.name}' failed permission check for {table}.{permission}")
+        name = getattr(user, 'name', user.pk)
+
+        logger.info(f"User '{name}' failed permission check for {table}.{permission}")
+
        return False

    @staticmethod