Commits

Kai Diefenbach committed ee99114

Bugfix: removed mutuable parameters.

Comments (0)

Files changed (2)

permissions/__init__.py

         """
         return permissions.utils.remove_permission(self, role, permission)
 
-    def has_permission(self, user, permission, roles=[]):
+    def has_permission(self, user, permission, roles=None):
         """Returns True if the passed user has passed permission for this
         instance. Otherwise False.
 
             If passed, these roles will be assigned to the user temporarily
             before the permissions are checked.
         """
+        if roles is None:
+            roles = []
         return permissions.utils.has_permission(self, user, permission, roles)
 
-    def check_permission(self, user, permission, roles=[]):
+    def check_permission(self, user, permission, roles=None):
         """Raise Unauthorized if the the passed user hasn't passed permission 
         for this instance.
 
             If passed, these roles will be assigned to the user temporarily
             before the permissions are checked.
         """
+        if roles is None:
+            roles = []
+
         if not self.has_permission(user, permission, roles):
             raise Unauthorized("User %s doesn't have permission %s for object %s" % (user, permission, obj.slug))
 

permissions/utils.py

 
 # Registering ################################################################
 
-def register_permission(name, codename, ctypes=[]):
+def register_permission(name, codename, ctypes=None):
     """Registers a permission to the framework. Returns the permission if the
     registration was successfully, otherwise False.
 
         used to display only reasonable permissions for an object. This
         must be a Django ContentType
     """
+    if ctypes = None:
+        ctypes = []
+
     # Permission with same codename and/or name must not exist.
     if Permission.objects.filter(Q(name=name) | Q(codename=codename)):
         return False