From 8350e90c4a39b64c0a7a200a5fd2b945d61f8f2a Mon Sep 17 00:00:00 2001
From: tobes <toby.junk@gmail.com>
Date: Fri, 28 Sep 2012 10:12:24 +0100
Subject: [PATCH] [#2939] Group controller _check_access helper added

---
 ckan/controllers/group.py | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/ckan/controllers/group.py b/ckan/controllers/group.py
index 9981633158f..2f0e2e8d4a5 100644
--- a/ckan/controllers/group.py
+++ b/ckan/controllers/group.py
@@ -69,6 +69,10 @@ def _action(self, action_name):
         ''' select the correct group/org action '''
         return get_action(self._replace_group_org(action_name))
 
+    def _check_access(self, action_name, *args, **kw):
+        ''' select the correct group/org check_access '''
+        return check_access(self._replace_group_org(action_name), *args, **kw)
+
     def _render_template(self, template_name):
         ''' render the correct group/org template '''
         return render(self._replace_group_org(template_name))
@@ -112,7 +116,7 @@ def index(self):
         data_dict = {'all_fields': True}
 
         try:
-            check_access('site_read', context)
+            self._check_access('site_read', context)
         except NotAuthorized:
             abort(401, _('Not authorized to see this page'))
 
@@ -279,7 +283,7 @@ def new(self, data=None, errors=None, error_summary=None):
                    'save': 'save' in request.params,
                    'parent': request.params.get('parent', None)}
         try:
-            check_access('group_create', context)
+            self._check_access('group_create', context)
         except NotAuthorized:
             abort(401, _('Unauthorized to create a group'))
 
@@ -324,7 +328,7 @@ def edit(self, id, data=None, errors=None, error_summary=None):
         c.group = group
 
         try:
-            check_access('group_update', context)
+            self._check_access('group_update', context)
         except NotAuthorized, e:
             abort(401, _('User %r not authorized to edit %s') % (c.user, id))
 
@@ -411,7 +415,7 @@ def authz(self, id):
         try:
             context = \
                 {'model': model, 'user': c.user or c.author, 'group': group}
-            check_access('group_edit_permissions', context)
+            self._check_access('group_edit_permissions', context)
             c.authz_editable = True
             c.group = context['group']
         except NotAuthorized:
@@ -433,7 +437,7 @@ def delete(self, id):
                    'user': c.user or c.author}
 
         try:
-            check_access('group_delete', context, {'id': id})
+            self._check_access('group_delete', context, {'id': id})
         except NotAuthorized:
             abort(401, _('Unauthorized to delete group %s') % '')