From 5802167b724f1be6e2bcef7a917ca5bdcc69db5a Mon Sep 17 00:00:00 2001
From: Isaac Bythewood <isaac@bythewood.me>
Date: Thu, 4 Feb 2016 01:34:19 +0000
Subject: [PATCH] Fix bug in API now allowing delete or edit of pins

---
 pinry/core/api.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pinry/core/api.py b/pinry/core/api.py
index 958d59c..eea8d49 100644
--- a/pinry/core/api.py
+++ b/pinry/core/api.py
@@ -20,7 +20,7 @@ class PinryAuthorization(DjangoAuthorization):
         if klass is False:
             raise Unauthorized("You are not allowed to access that resource.")
 
-        permission = '%s.change_%s' % (klass._meta.app_label, klass._meta.module_name)
+        permission = '%s.change_%s' % (klass._meta.app_label, klass._meta.model_name)
 
         if not bundle.request.user.has_perm(permission, bundle.obj):
             raise Unauthorized("You are not allowed to access that resource.")
@@ -33,7 +33,8 @@ class PinryAuthorization(DjangoAuthorization):
         if klass is False:
             raise Unauthorized("You are not allowed to access that resource.")
 
-        permission = '%s.delete_%s' % (klass._meta.app_label, klass._meta.module_name)
+        print dir(klass._meta)
+        permission = '%s.delete_%s' % (klass._meta.app_label, klass._meta.model_name)
 
         if not bundle.request.user.has_perm(permission, bundle.obj):
             raise Unauthorized("You are not allowed to access that resource.")