Fix bug in API now allowing delete or edit of pins

pinry/core/api.py

@@ -20,7 +20,7 @@ class PinryAuthorization(DjangoAuthorization):
         if klass is False:
             raise Unauthorized("You are not allowed to access that resource.")
 
-        permission = '%s.change_%s' % (klass._meta.app_label, klass._meta.module_name)
+        permission = '%s.change_%s' % (klass._meta.app_label, klass._meta.model_name)
 
         if not bundle.request.user.has_perm(permission, bundle.obj):
             raise Unauthorized("You are not allowed to access that resource.")
@@ -33,7 +33,8 @@ class PinryAuthorization(DjangoAuthorization):
         if klass is False:
             raise Unauthorized("You are not allowed to access that resource.")
 
-        permission = '%s.delete_%s' % (klass._meta.app_label, klass._meta.module_name)
+        print dir(klass._meta)
+        permission = '%s.delete_%s' % (klass._meta.app_label, klass._meta.model_name)
 
         if not bundle.request.user.has_perm(permission, bundle.obj):
             raise Unauthorized("You are not allowed to access that resource.")