Refactored canRead method to get the list before checking the right (#65)

pkg/models/label_rights.go

@@ -69,7 +69,6 @@ func (l *Label) hasAccessToLabel(a web.Auth) (bool, error) {
 		Where("label_task.label_id != null OR labels.created_by_id = ?", u.ID).
 		Or(builder.In("label_task.task_id", taskIDs)).
 		And("labels.id = ?", l.ID).
-		GroupBy("labels.id").
 		Exist(&labels)
 	return has, err
 }

pkg/models/list_rights.go

@@ -45,8 +45,9 @@ func (l *List) CanRead(a web.Auth) (bool, error) {
 	user := getUserForRights(a)
 
 	// Check if the user is either owner or can read
-	// We can do this without first looking up the list because CanRead() is called after ReadOne()
-	// So are sure the list exists
+	if err := l.GetSimpleByID(); err != nil {
+		return false, err
+	}
 	if l.isOwner(user) {
 		return true, nil
 	}