From a81d3071860b773473f1277908b2f3ea1a5219aa Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Sat, 16 Sep 2023 17:01:21 +0200
Subject: [PATCH] Fix permission checking in actions by providing user object

---
 aleksis/apps/kort/tables.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/aleksis/apps/kort/tables.py b/aleksis/apps/kort/tables.py
index 9cc9b6c..85fb254 100644
--- a/aleksis/apps/kort/tables.py
+++ b/aleksis/apps/kort/tables.py
@@ -34,7 +34,8 @@ class CardTable(Table):
 
     def render_actions(self, value, record):
         return render_to_string(
-            "kort/card/actions.html", dict(pk=value, card=record, printer_form=PrinterSelectForm())
+            "kort/card/actions.html",
+            dict(pk=value, card=record, printer_form=PrinterSelectForm(), user=self.request.user),
         )
 
 
@@ -62,7 +63,9 @@ class CardPrinterTable(Table):
         )
 
     def render_actions(self, value, record):
-        return render_to_string("kort/printer/actions.html", dict(pk=value, printer=record))
+        return render_to_string(
+            "kort/printer/actions.html", dict(pk=value, printer=record, user=self.request.user)
+        )
 
 
 class CardLayoutTable(Table):
@@ -78,7 +81,10 @@ class CardLayoutTable(Table):
     actions = Column(verbose_name=_("Actions"), accessor=A("pk"))
 
     def render_actions(self, value, record):
-        return render_to_string("kort/card_layout/actions.html", dict(pk=value, card_layout=record))
+        return render_to_string(
+            "kort/card_layout/actions.html",
+            dict(pk=value, card_layout=record, user=self.request.user),
+        )
 
 
 class IssueCardPersonsTable(Table):
-- 
GitLab