diff --git a/ckan/controllers/group.py b/ckan/controllers/group.py index acdf0064a19..aefab63ff0f 100644 --- a/ckan/controllers/group.py +++ b/ckan/controllers/group.py @@ -654,7 +654,10 @@ def member_new(self, id): else: c.user_role = 'member' c.group_dict = self._action('group_show')(context, {'id': id}) - c.roles = self._action('member_roles_list')(context, {'group_type': 'group'}) + group_type = 'organization' if c.group_dict['is_organization'] else 'group' + c.roles = self._action('member_roles_list')( + context, {'group_type': group_type} + ) except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: diff --git a/ckan/logic/action/delete.py b/ckan/logic/action/delete.py index 2fdaf2f6563..df7d4b3f330 100644 --- a/ckan/logic/action/delete.py +++ b/ckan/logic/action/delete.py @@ -228,7 +228,7 @@ def member_delete(context, data_dict=None): if not obj: raise NotFound('%s was not found.' % obj_type.title()) - _check_access('member_create', context, data_dict) + _check_access('member_delete', context, data_dict) member = model.Session.query(model.Member).\ filter(model.Member.table_name == obj_type).\ @@ -572,6 +572,7 @@ def group_member_delete(context, data_dict=None): :type username: string ''' + _check_access('group_member_delete',context, data_dict) return _group_or_org_member_delete(context, data_dict) def organization_member_delete(context, data_dict=None): @@ -585,6 +586,7 @@ def organization_member_delete(context, data_dict=None): :type username: string ''' + _check_access('organization_member_delete',context, data_dict) return _group_or_org_member_delete(context, data_dict) diff --git a/ckan/logic/auth/delete.py b/ckan/logic/auth/delete.py index 08974144a71..b35daea4e8c 100644 --- a/ckan/logic/auth/delete.py +++ b/ckan/logic/auth/delete.py @@ -2,6 +2,7 @@ import ckan.new_authz as new_authz from ckan.logic.auth import get_package_object, get_group_object, get_related_object from ckan.logic.auth import get_resource_object +import ckan.logic.auth.create as auth_create from ckan.lib.base import _ @@ -130,19 +131,13 @@ def tag_delete(context, data_dict): # sysadmins only return {'success': False} -def _group_or_org_member_delete(context, data_dict): - group = get_group_object(context, data_dict) - user = context['user'] - authorized = new_authz.has_user_permission_for_group_or_org( - group.id, user, 'delete_member') - if not authorized: - return {'success': False, 'msg': _('User %s not authorized to delete organization %s members') % (user, group.id)} - else: - return {'success': True} - return {'success': True} - def group_member_delete(context, data_dict): - return _group_or_org_member_delete(context, data_dict) + ## just return true as logic runs through member_delete + return {'success': True} def organization_member_delete(context, data_dict): - return _group_or_org_member_delete(context, data_dict) + ## just return true as logic runs through member_delete + return {'success': True} + +def member_delete(context, data_dict): + return auth_create.member_create(context, data_dict) diff --git a/ckan/public/base/javascript/modules/autocomplete.js b/ckan/public/base/javascript/modules/autocomplete.js index 648fe5960d0..ed7c676051f 100644 --- a/ckan/public/base/javascript/modules/autocomplete.js +++ b/ckan/public/base/javascript/modules/autocomplete.js @@ -72,6 +72,12 @@ this.ckan.module('autocomplete', function (jQuery, _) { } settings.initSelection = this.formatInitialValue; } + else { + if (/MSIE (\d+\.\d+);/.test(navigator.userAgent)) { + var ieversion=new Number(RegExp.$1); + if (ieversion<=7) {return} + } + } var select2 = this.el.select2(settings).data('select2');