From 0319cbcfd780107838f3976114825189693f4cfd Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Fri, 21 Aug 2020 16:21:10 +0200
Subject: [PATCH] Fix register_absence rules (allow only primary group owners
 to register absences)

---
 aleksis/apps/alsijil/forms.py | 2 +-
 aleksis/apps/alsijil/rules.py | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/aleksis/apps/alsijil/forms.py b/aleksis/apps/alsijil/forms.py
index b653edc5f..cb920e1f2 100644
--- a/aleksis/apps/alsijil/forms.py
+++ b/aleksis/apps/alsijil/forms.py
@@ -150,7 +150,7 @@ class RegisterAbsenceForm(forms.Form):
                     self.request.user, "core.register_absence_person", Person
                 )
                 .union(
-                    Person.objects.filter(member_of__owners=self.request.user.person)
+                    Person.objects.filter(primary_group__owners=self.request.user.person)
                 )
                 .union(
                     Person.objects.filter(
diff --git a/aleksis/apps/alsijil/rules.py b/aleksis/apps/alsijil/rules.py
index e25f74cc5..3f7006e06 100644
--- a/aleksis/apps/alsijil/rules.py
+++ b/aleksis/apps/alsijil/rules.py
@@ -52,7 +52,6 @@ edit_lesson_personal_note_predicate = has_person & (
     has_global_perm("alsijil.change_personalnote")
     | has_lesson_group_object_perm("core.edit_personalnote_group")
     | is_lesson_teacher
-    | is_lesson_parent_group_owner
 )
 add_perm("alsijil.edit_lesson_personalnote", edit_lesson_personal_note_predicate)
 
@@ -127,7 +126,7 @@ register_absence_predicate = has_person & (
     has_global_perm("alsijil.register_absence")
     | has_person_group_object_perm("core.register_absence_group")
     | has_object_perm("core.register_absence_person")
-    | is_person_group_owner
+    | is_person_primary_group_owner
 )
 add_perm("alsijil.register_absence", register_absence_predicate)
 
-- 
GitLab