From 537571ec6930be046f655109604d03a3b013cd54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rene=CC=81=20Ko=CC=88cher?= Date: Fri, 27 Apr 2012 22:46:27 +0200 Subject: [PATCH] #100 Delete applications by admin/superuser only: part2 --- openslides/application/models.py | 19 ++++++++++++++----- .../templates/application/overview.html | 6 +++++- openslides/application/views.py | 18 ++++++++++++++++++ 3 files changed, 37 insertions(+), 6 deletions(-) diff --git a/openslides/application/models.py b/openslides/application/models.py index 96d3c2037..86c41ace2 100644 --- a/openslides/application/models.py +++ b/openslides/application/models.py @@ -313,6 +313,13 @@ class Application(models.Model, SlideMixin): Return a list of all the allowed status. """ actions = [] + is_admin = False + if user: + try: + user.profile + is_admin = True + except Profile.DoesNotExist: + pass # check if user allowed to withdraw an application if ((self.status == "pub" @@ -350,11 +357,13 @@ class Application(models.Model, SlideMixin): or user.has_perm("application.can_manage_application"): actions.append("edit") - #Check if the user can delete the application - if self.number is None \ - and self.status == "pub" \ - and (self.submitter == user \ - or user.has_perm("application.can_manage_application")): + # Check if the user can delete the application (admin, manager, owner) + # reworked as requiered in #100 + if is_admin \ + or (user.has_perm("application.can_manage_application") \ + and (self.status == "pub" or self.number is None)) \ + or (self.submitter == user \ + and (self.status == "pub" or self.number is None)): actions.append("delete") #For the rest, all actions need the manage permission diff --git a/openslides/application/templates/application/overview.html b/openslides/application/templates/application/overview.html index 99dde2eb8..df427683b 100644 --- a/openslides/application/templates/application/overview.html +++ b/openslides/application/templates/application/overview.html @@ -42,7 +42,8 @@ {%trans "Creation Time" %} {% trans "Actions" %} - {% for application in applications %} + {% for app_info in applications %} + {% with application=app_info.application useractions=app_info.actions %} {% if application.number %}{{ application.number }}{% else %}-{% endif %} @@ -69,12 +70,15 @@ {% endif %} {% if perms.application.can_manage_application %} + {% if "delete" in useractions %} + {% endif %} {% endif %} + {% endwith %} {% empty %} {%trans "No applications available." %} diff --git a/openslides/application/views.py b/openslides/application/views.py index fddfcd6cf..b296e3031 100644 --- a/openslides/application/views.py +++ b/openslides/application/views.py @@ -113,6 +113,24 @@ def overview(request): else: applications = query + if type(applications) is not list: + applications = list(query.all()) + + # not the most efficient way to do this but 'get_allowed_actions' + # is not callable from within djangos templates.. + for (i, application) in enumerate(applications): + try: + applications[i] = { + 'actions' : application.get_allowed_actions(request.user), + 'application' : application + } + except: + # todo: except what? + applications[i] = { + 'actions' : [], + 'application' : application + } + return { 'applications': applications, 'min_supporters': int(config['application_min_supporters']),