Fix permissions for non-admin users

2016-06-15 21:07:47 +02:00
parent ef3284d6b4
commit 5c1441486b
1 changed files with 1 additions and 1 deletions
--- a/admin/freeposte/admin/utils.py
+++ b/admin/freeposte/admin/utils.py
@@ -27,7 +27,7 @@ def get_user(user_email, admin=False):
    if not user.domain in flask_login.current_user.get_managed_domains():
        if admin:
            flask.abort(403)
-        elif not user == flask_login.current_user:
+        elif not user.email == flask_login.current_user.email:
            flask.abort(403)
    return user