ag-admin/OpenSlides
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

check permission in motion view

Browse Source
This commit is contained in:
Oskar Hahn 2013-02-02 10:59:07 +01:00
parent 3ffb16d4d8
commit 2e430b4406
2 changed files with 12 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
openslides/motion/views.py
View File

@ -126,9 +126,11 @@ class MotionUpdateView(MotionMixin, UpdateView):
""" """
Update a motion. Update a motion.
""" """
# TODO: set permissions
model = Motion model = Motion
def has_permission(self, request, *args, **kwargs):
return self.get_object().get_allowed_actions(request.user)['edit']
motion_edit = MotionUpdateView.as_view() motion_edit = MotionUpdateView.as_view()
@ -138,7 +140,9 @@ class MotionDeleteView(DeleteView):
""" """
model = Motion model = Motion
success_url_name = 'motion_list' success_url_name = 'motion_list'
# TODO: Check permissions
def has_permission(self, request, *args, **kwargs):
return self.get_object().get_allowed_actions(request.user)['delete']
motion_delete = MotionDeleteView.as_view() motion_delete = MotionDeleteView.as_view()
@ -156,24 +160,23 @@ class SupportView(SingleObjectMixin, QuestionMixin, RedirectView):
self.object = self.get_object() self.object = self.get_object()
return super(SupportView, self).get(request, *args, **kwargs) return super(SupportView, self).get(request, *args, **kwargs)
def check_allowed_actions(self, request): def check_permission(self, request):
""" """
Checks whether request.user can support or unsupport the motion. Checks whether request.user can support or unsupport the motion.
Returns True or False. Returns True or False.
""" """
return True # TODO
allowed_actions = self.object.get_allowed_actions(request.user) allowed_actions = self.object.get_allowed_actions(request.user)
if self.support and not 'support' in allowed_actions: if self.support and not allowed_actions['support']:
messages.error(request, _('You can not support this motion.')) messages.error(request, _('You can not support this motion.'))
return False return False
elif not self.support and not 'unsupport' in allowed_actions: elif not self.support and not allowed_actions['unsupport']:
messages.error(request, _('You can not unsupport this motion.')) messages.error(request, _('You can not unsupport this motion.'))
return False return False
else: else:
return True return True
def pre_redirect(self, request, *args, **kwargs): def pre_redirect(self, request, *args, **kwargs):
if self.check_allowed_actions(request): if self.check_permission(request):
super(SupportView, self).pre_redirect(request, *args, **kwargs) super(SupportView, self).pre_redirect(request, *args, **kwargs)
def get_question(self): def get_question(self):
@ -183,7 +186,7 @@ class SupportView(SingleObjectMixin, QuestionMixin, RedirectView):
return _('Do you really want to unsupport this motion?') return _('Do you really want to unsupport this motion?')
def case_yes(self): def case_yes(self):
if self.check_allowed_actions(self.request): if self.check_permission(self.request):
if self.support: if self.support:
self.object.support(person=self.request.user) self.object.support(person=self.request.user)
else: else:

8
openslides/utils/views.py
View File

@ -11,13 +11,7 @@
""" """
import json import json
from cStringIO import StringIO
try:
from cStringIO import StringIO
except ImportError:
# Is this exception realy necessary?
from StringIO import StringIO
from reportlab.platypus import SimpleDocTemplate, Spacer from reportlab.platypus import SimpleDocTemplate, Spacer
from reportlab.lib.units import cm from reportlab.lib.units import cm