misc: fix asset deletion when CKEDITOR_RESTRICT_BY_USER is set (#8831)

2015-10-31 16:47:35 +01:00 · 2015-10-31 16:47:35 +01:00 · da6a770a4a
parent 1cb6e7cfcb
commit da6a770a4a
1 changed files with 2 additions and 1 deletions
--- a/combo/manager/views.py
+++ b/combo/manager/views.py
@ -15,6 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

 import json
+import os

 import ckeditor

@ -308,7 +309,7 @@ def asset_delete(request):
        raise PermissionDenied() # better safe than sorry
    base_path = settings.CKEDITOR_UPLOAD_PATH
    if getattr(settings, 'CKEDITOR_RESTRICT_BY_USER', False):
-        base_path = os.path.join(base_path, user.username)
+        base_path = os.path.join(base_path, request.user.username)
    if not img_orig.startswith(base_path):
        raise PermissionDenied()
    default_storage.delete(img_orig)