From 67dd626c65b7ae79a21ee9322d1946121078130f Mon Sep 17 00:00:00 2001
From: Khanh Ngo <ngokhanhit@gmail.com>
Date: Tue, 4 Sep 2018 17:58:13 +0700
Subject: [PATCH] Fix the user role checking in History routes

---
 app/templates/admin_history.html | 2 +-
 app/views.py                     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/templates/admin_history.html b/app/templates/admin_history.html
index 82f555b..07609ef 100644
--- a/app/templates/admin_history.html
+++ b/app/templates/admin_history.html
@@ -23,7 +23,7 @@
                     <h3 class="box-title">History Management</h3>
                 </div>
                 <div class="box-body clearfix">
-                    <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role != 'Administrator' %}disabled{% endif %}>
+                    <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
                         Clear History&nbsp;<i class="fa fa-trash"></i>
                     </button>
                 </div>
diff --git a/app/views.py b/app/views.py
index aeb82e9..da0bb6a 100644
--- a/app/views.py
+++ b/app/views.py
@@ -1324,7 +1324,7 @@ def admin_manageaccount():
 @operator_role_required
 def admin_history():
     if request.method == 'POST':
-        if current_user.role != 'Administrator':
+        if current_user.role.name != 'Administrator':
             return make_response(jsonify( { 'status': 'error', 'msg': 'You do not have permission to remove history.' } ), 401)
 
         h = History()