From d662eeacf213b823d5c811aa39b994991519154a Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Thu, 26 Sep 2024 17:40:39 +0200 Subject: [PATCH] Fix add_appliedcontrol permission codename --- backend/core/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/core/views.py b/backend/core/views.py index fc6c21fd1..6af9f6117 100644 --- a/backend/core/views.py +++ b/backend/core/views.py @@ -1827,7 +1827,7 @@ def create_suggested_applied_controls(request, pk): compliance_assessment = ComplianceAssessment.objects.get(id=pk) if not RoleAssignment.is_access_allowed( user=request.user, - perm=Permission.objects.get(codename="create_appliedcontrol"), + perm=Permission.objects.get(codename="add_appliedcontrol"), folder=compliance_assessment.folder, ): return Response(status=status.HTTP_403_FORBIDDEN) @@ -1933,7 +1933,7 @@ def create_suggested_applied_controls(request, pk): requirement_assessment = RequirementAssessment.objects.get(id=pk) if not RoleAssignment.is_access_allowed( user=request.user, - perm=Permission.objects.get(codename="create_appliedcontrol"), + perm=Permission.objects.get(codename="add_appliedcontrol"), folder=requirement_assessment.folder, ): return Response(status=status.HTTP_403_FORBIDDEN)