#100 Delete applications by admin/superuser only: part2

This commit is contained in:
René Köcher 2012-04-27 22:46:27 +02:00
parent 81bc19730b
commit 537571ec69
3 changed files with 37 additions and 6 deletions

View File

@ -313,6 +313,13 @@ class Application(models.Model, SlideMixin):
Return a list of all the allowed status.
"""
actions = []
is_admin = False
if user:
try:
user.profile
is_admin = True
except Profile.DoesNotExist:
pass
# check if user allowed to withdraw an application
if ((self.status == "pub"
@ -350,11 +357,13 @@ class Application(models.Model, SlideMixin):
or user.has_perm("application.can_manage_application"):
actions.append("edit")
#Check if the user can delete the application
if self.number is None \
and self.status == "pub" \
and (self.submitter == user \
or user.has_perm("application.can_manage_application")):
# Check if the user can delete the application (admin, manager, owner)
# reworked as requiered in #100
if is_admin \
or (user.has_perm("application.can_manage_application") \
and (self.status == "pub" or self.number is None)) \
or (self.submitter == user \
and (self.status == "pub" or self.number is None)):
actions.append("delete")
#For the rest, all actions need the manage permission

View File

@ -42,7 +42,8 @@
<th><a href="?sort=time{% if 'time' in request.GET.sort and 'reverse' not in request.GET %}&reverse{%endif%}">{%trans "Creation Time" %}<a></th>
<th style="width: 1px;">{% trans "Actions" %}</th>
</tr>
{% for application in applications %}
{% for app_info in applications %}
{% with application=app_info.application useractions=app_info.actions %}
<tr class="{% cycle '' 'odd' %}
{% if application.active %}activeline{% endif %}">
<td>{% if application.number %}{{ application.number }}{% else %}-{% endif %}</td>
@ -69,12 +70,15 @@
{% endif %}
{% if perms.application.can_manage_application %}
<a href="{% url application_edit application.id %}"><img src="{% static 'images/icons/edit.png' %}" title="{% trans 'Edit application' %}"></a>
{% if "delete" in useractions %}
<a href="{% url application_delete application.id %}"><img src="{% static 'images/icons/delete.png' %}" title="{% trans 'Delete application' %}"></a>
{% endif %}
{% endif %}
<a href="{% url print_application application.id %}" title="{%trans 'Application as PDF' %}"><img src="{% static 'pdf.png' %}"></a>
</span>
</td>
</tr>
{% endwith %}
{% empty %}
<tr>
<td colspan="7"><i>{%trans "No applications available." %}</i></td>

View File

@ -113,6 +113,24 @@ def overview(request):
else:
applications = query
if type(applications) is not list:
applications = list(query.all())
# not the most efficient way to do this but 'get_allowed_actions'
# is not callable from within djangos templates..
for (i, application) in enumerate(applications):
try:
applications[i] = {
'actions' : application.get_allowed_actions(request.user),
'application' : application
}
except:
# todo: except what?
applications[i] = {
'actions' : [],
'application' : application
}
return {
'applications': applications,
'min_supporters': int(config['application_min_supporters']),