Fix the user role checking in History routes

This commit is contained in:
Khanh Ngo 2018-09-04 17:58:13 +07:00
parent c8d72f5bba
commit 67dd626c65
No known key found for this signature in database
GPG Key ID: B9AE3BAF6D5A7B22
2 changed files with 2 additions and 2 deletions

View File

@ -23,7 +23,7 @@
<h3 class="box-title">History Management</h3> <h3 class="box-title">History Management</h3>
</div> </div>
<div class="box-body clearfix"> <div class="box-body clearfix">
<button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role != 'Administrator' %}disabled{% endif %}> <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
Clear History&nbsp;<i class="fa fa-trash"></i> Clear History&nbsp;<i class="fa fa-trash"></i>
</button> </button>
</div> </div>

View File

@ -1324,7 +1324,7 @@ def admin_manageaccount():
@operator_role_required @operator_role_required
def admin_history(): def admin_history():
if request.method == 'POST': if request.method == 'POST':
if current_user.role != 'Administrator': if current_user.role.name != 'Administrator':
return make_response(jsonify( { 'status': 'error', 'msg': 'You do not have permission to remove history.' } ), 401) return make_response(jsonify( { 'status': 'error', 'msg': 'You do not have permission to remove history.' } ), 401)
h = History() h = History()