#100 Delete applications by admin/superuser only: part2
This commit is contained in:
parent
81bc19730b
commit
537571ec69
@ -313,6 +313,13 @@ class Application(models.Model, SlideMixin):
|
||||
Return a list of all the allowed status.
|
||||
"""
|
||||
actions = []
|
||||
is_admin = False
|
||||
if user:
|
||||
try:
|
||||
user.profile
|
||||
is_admin = True
|
||||
except Profile.DoesNotExist:
|
||||
pass
|
||||
|
||||
# check if user allowed to withdraw an application
|
||||
if ((self.status == "pub"
|
||||
@ -350,11 +357,13 @@ class Application(models.Model, SlideMixin):
|
||||
or user.has_perm("application.can_manage_application"):
|
||||
actions.append("edit")
|
||||
|
||||
#Check if the user can delete the application
|
||||
if self.number is None \
|
||||
and self.status == "pub" \
|
||||
and (self.submitter == user \
|
||||
or user.has_perm("application.can_manage_application")):
|
||||
# Check if the user can delete the application (admin, manager, owner)
|
||||
# reworked as requiered in #100
|
||||
if is_admin \
|
||||
or (user.has_perm("application.can_manage_application") \
|
||||
and (self.status == "pub" or self.number is None)) \
|
||||
or (self.submitter == user \
|
||||
and (self.status == "pub" or self.number is None)):
|
||||
actions.append("delete")
|
||||
|
||||
#For the rest, all actions need the manage permission
|
||||
|
@ -42,7 +42,8 @@
|
||||
<th><a href="?sort=time{% if 'time' in request.GET.sort and 'reverse' not in request.GET %}&reverse{%endif%}">{%trans "Creation Time" %}<a></th>
|
||||
<th style="width: 1px;">{% trans "Actions" %}</th>
|
||||
</tr>
|
||||
{% for application in applications %}
|
||||
{% for app_info in applications %}
|
||||
{% with application=app_info.application useractions=app_info.actions %}
|
||||
<tr class="{% cycle '' 'odd' %}
|
||||
{% if application.active %}activeline{% endif %}">
|
||||
<td>{% if application.number %}{{ application.number }}{% else %}-{% endif %}</td>
|
||||
@ -69,12 +70,15 @@
|
||||
{% endif %}
|
||||
{% if perms.application.can_manage_application %}
|
||||
<a href="{% url application_edit application.id %}"><img src="{% static 'images/icons/edit.png' %}" title="{% trans 'Edit application' %}"></a>
|
||||
{% if "delete" in useractions %}
|
||||
<a href="{% url application_delete application.id %}"><img src="{% static 'images/icons/delete.png' %}" title="{% trans 'Delete application' %}"></a>
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
<a href="{% url print_application application.id %}" title="{%trans 'Application as PDF' %}"><img src="{% static 'pdf.png' %}"></a>
|
||||
</span>
|
||||
</td>
|
||||
</tr>
|
||||
{% endwith %}
|
||||
{% empty %}
|
||||
<tr>
|
||||
<td colspan="7"><i>{%trans "No applications available." %}</i></td>
|
||||
|
@ -113,6 +113,24 @@ def overview(request):
|
||||
else:
|
||||
applications = query
|
||||
|
||||
if type(applications) is not list:
|
||||
applications = list(query.all())
|
||||
|
||||
# not the most efficient way to do this but 'get_allowed_actions'
|
||||
# is not callable from within djangos templates..
|
||||
for (i, application) in enumerate(applications):
|
||||
try:
|
||||
applications[i] = {
|
||||
'actions' : application.get_allowed_actions(request.user),
|
||||
'application' : application
|
||||
}
|
||||
except:
|
||||
# todo: except what?
|
||||
applications[i] = {
|
||||
'actions' : [],
|
||||
'application' : application
|
||||
}
|
||||
|
||||
return {
|
||||
'applications': applications,
|
||||
'min_supporters': int(config['application_min_supporters']),
|
||||
|
Loading…
Reference in New Issue
Block a user