From fa21d66c411aadf71031ba415b02ea12e64fd3cf Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 09:54:37 +1100
Subject: [PATCH] Fix logic for global context object 'roles'

- User may be a part of multiple groups
- Roles are additive across groups
---
 InvenTree/InvenTree/context.py | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/InvenTree/InvenTree/context.py b/InvenTree/InvenTree/context.py
index 71aee5c2c5..f9d856f566 100644
--- a/InvenTree/InvenTree/context.py
+++ b/InvenTree/InvenTree/context.py
@@ -35,18 +35,25 @@ def user_roles(request):
 
     user = request.user
 
-    roles = {}
+    roles = {
+    }
 
     for group in user.groups.all():
         for rule in group.rule_sets.all():
-            roles[rule.name] = {
-                'view': rule.can_view or user.is_superuser,
-                'add': rule.can_add or user.is_superuser,
-                'change': rule.can_change or user.is_superuser,
-                'delete': rule.can_delete or user.is_superuser,
-            }
 
-    print("Roles:")
-    print(roles)
+            # Ensure the role name is in the dict
+            if rule.name not in roles:
+                roles[rule.name] = {
+                    'view': user.is_superuser,
+                    'add': user.is_superuser,
+                    'change': user.is_superuser,
+                    'delete': user.is_superuser
+                }
+
+            # Roles are additive across groups
+            roles[rule.name]['view'] |= rule.can_view
+            roles[rule.name]['add'] |= rule.can_add
+            roles[rule.name]['change'] |= rule.can_change
+            roles[rule.name]['delete'] |= rule.can_delete
 
     return {'roles': roles}