From eec3f2a98d9dea8f6ff774f9fd54eb2ff1131f6a Mon Sep 17 00:00:00 2001
From: "J.-S. Caux" <J.S.Caux@uva.nl>
Date: Wed, 12 Feb 2020 07:26:07 +0100
Subject: [PATCH] Debug permissions in apimail

---
 apimail/managers.py    | 2 +-
 apimail/permissions.py | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/apimail/managers.py b/apimail/managers.py
index 2e6e02376..24d1a087b 100644
--- a/apimail/managers.py
+++ b/apimail/managers.py
@@ -36,7 +36,7 @@ class StoredMessageQuerySet(models.QuerySet):
         """
         if not user.is_authenticated:
             return self.none()
-        elif user.is_superuser or user.is_admin:
+        elif user.is_superuser or user.is_staff:
             return self
 
         # Filter based on account accesses
diff --git a/apimail/permissions.py b/apimail/permissions.py
index 73666b453..e732cc28e 100644
--- a/apimail/permissions.py
+++ b/apimail/permissions.py
@@ -14,7 +14,7 @@ class CanHandleComposedMessage(permissions.BasePermission):
     """
 
     def has_object_permission(self, request, view, obj):
-        if request.user.is_superuser or request.user.is_admin:
+        if request.user.is_superuser or request.user.is_staff:
             return True
 
         return obj.author == request.user
@@ -27,7 +27,7 @@ class CanHandleStoredMessage(permissions.BasePermission):
     """
 
     def has_object_permission(self, request, view, obj):
-        if request.user.is_superuser or request.user.is_admin:
+        if request.user.is_superuser or request.user.is_staff:
             return True
 
         # Check, based on account accesses
@@ -48,7 +48,7 @@ class CanReadStoredMessage(permissions.BasePermission):
     """
 
     def has_object_permission(self, request, view, obj):
-        if request.user.is_superuser or request.user.is_admin:
+        if request.user.is_superuser or request.user.is_staff:
             return True
 
         # Check, based on account accesses
-- 
GitLab