summaryrefslogtreecommitdiff
path: root/coip/apps/activitystreams/views.py
diff options
context:
space:
mode:
Diffstat (limited to 'coip/apps/activitystreams/views.py')
-rw-r--r--coip/apps/activitystreams/views.py2
1 files changed, 2 insertions, 0 deletions
diff --git a/coip/apps/activitystreams/views.py b/coip/apps/activitystreams/views.py
index 91ba957..235ecd8 100644
--- a/coip/apps/activitystreams/views.py
+++ b/coip/apps/activitystreams/views.py
@@ -49,6 +49,8 @@ def activity_to_json(activity):
@oauth2_required(scope='memberships')
def name(request,id):
name = get_object_or_404(Name,pk=id)
+ if not name.has_permission(request.user,'r'):
+ return render403(request,"You do not have permission to view membership information for %s" % (name))
# check ownership
stream = Action.objects.stream_for_object_as_target(name)
if stream:
generated by cgit v1.1 at 2024-10-09 00:27:54 +0000