From 3325617a26eeabc2ecc8f7172cb74a88e18d2bbb Mon Sep 17 00:00:00 2001
From: Branson Stephens <branson.stephens@ligo.org>
Date: Tue, 25 Aug 2015 16:35:30 -0500
Subject: [PATCH] Fixed bug with perm modifying views in REST API.

---
 gracedb/api.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gracedb/api.py b/gracedb/api.py
index 0e6987b2d..b3f820c55 100644
--- a/gracedb/api.py
+++ b/gracedb/api.py
@@ -1320,7 +1320,7 @@ class GroupEventPermissionDetail(APIView):
     @group_required
     @event_perm_object_required
     def put(self, request, event, group, permission):
-        if not request.user.has_perm("guardian.groupobjectpermission_add"):
+        if not request.user.has_perm("guardian.add_groupobjectpermission"):
             return HttpResponseForbidden("You don't have permission to change permission objects.")
 
         # Get or create the GroupObjectPermission object
@@ -1376,7 +1376,7 @@ class GroupEventPermissionDetail(APIView):
     @event_perm_object_required
     def delete(self, request, event, group, permission):
 
-        if not request.user.has_perm("guardian.groupobjectpermission_delete"):
+        if not request.user.has_perm("guardian.delete_groupobjectpermission"):
             return HttpResponseForbidden("You don't have permission to change permission objects.")
 
         # Get the GroupObjectPermission object
-- 
GitLab