#100 Delete applications by admin/superuser only: part2

This commit is contained in:
René Köcher 2012-04-27 22:46:27 +02:00
parent 81bc19730b
commit 537571ec69
3 changed files with 37 additions and 6 deletions

View File

@ -313,6 +313,13 @@ class Application(models.Model, SlideMixin):
Return a list of all the allowed status. Return a list of all the allowed status.
""" """
actions = [] actions = []
is_admin = False
if user:
try:
user.profile
is_admin = True
except Profile.DoesNotExist:
pass
# check if user allowed to withdraw an application # check if user allowed to withdraw an application
if ((self.status == "pub" if ((self.status == "pub"
@ -350,11 +357,13 @@ class Application(models.Model, SlideMixin):
or user.has_perm("application.can_manage_application"): or user.has_perm("application.can_manage_application"):
actions.append("edit") actions.append("edit")
#Check if the user can delete the application # Check if the user can delete the application (admin, manager, owner)
if self.number is None \ # reworked as requiered in #100
and self.status == "pub" \ if is_admin \
and (self.submitter == user \ or (user.has_perm("application.can_manage_application") \
or user.has_perm("application.can_manage_application")): and (self.status == "pub" or self.number is None)) \
or (self.submitter == user \
and (self.status == "pub" or self.number is None)):
actions.append("delete") actions.append("delete")
#For the rest, all actions need the manage permission #For the rest, all actions need the manage permission

View File

@ -42,7 +42,8 @@
<th><a href="?sort=time{% if 'time' in request.GET.sort and 'reverse' not in request.GET %}&reverse{%endif%}">{%trans "Creation Time" %}<a></th> <th><a href="?sort=time{% if 'time' in request.GET.sort and 'reverse' not in request.GET %}&reverse{%endif%}">{%trans "Creation Time" %}<a></th>
<th style="width: 1px;">{% trans "Actions" %}</th> <th style="width: 1px;">{% trans "Actions" %}</th>
</tr> </tr>
{% for application in applications %} {% for app_info in applications %}
{% with application=app_info.application useractions=app_info.actions %}
<tr class="{% cycle '' 'odd' %} <tr class="{% cycle '' 'odd' %}
{% if application.active %}activeline{% endif %}"> {% if application.active %}activeline{% endif %}">
<td>{% if application.number %}{{ application.number }}{% else %}-{% endif %}</td> <td>{% if application.number %}{{ application.number }}{% else %}-{% endif %}</td>
@ -69,12 +70,15 @@
{% endif %} {% endif %}
{% if perms.application.can_manage_application %} {% if perms.application.can_manage_application %}
<a href="{% url application_edit application.id %}"><img src="{% static 'images/icons/edit.png' %}" title="{% trans 'Edit application' %}"></a> <a href="{% url application_edit application.id %}"><img src="{% static 'images/icons/edit.png' %}" title="{% trans 'Edit application' %}"></a>
{% if "delete" in useractions %}
<a href="{% url application_delete application.id %}"><img src="{% static 'images/icons/delete.png' %}" title="{% trans 'Delete application' %}"></a> <a href="{% url application_delete application.id %}"><img src="{% static 'images/icons/delete.png' %}" title="{% trans 'Delete application' %}"></a>
{% endif %} {% endif %}
{% endif %}
<a href="{% url print_application application.id %}" title="{%trans 'Application as PDF' %}"><img src="{% static 'pdf.png' %}"></a> <a href="{% url print_application application.id %}" title="{%trans 'Application as PDF' %}"><img src="{% static 'pdf.png' %}"></a>
</span> </span>
</td> </td>
</tr> </tr>
{% endwith %}
{% empty %} {% empty %}
<tr> <tr>
<td colspan="7"><i>{%trans "No applications available." %}</i></td> <td colspan="7"><i>{%trans "No applications available." %}</i></td>

View File

@ -113,6 +113,24 @@ def overview(request):
else: else:
applications = query applications = query
if type(applications) is not list:
applications = list(query.all())
# not the most efficient way to do this but 'get_allowed_actions'
# is not callable from within djangos templates..
for (i, application) in enumerate(applications):
try:
applications[i] = {
'actions' : application.get_allowed_actions(request.user),
'application' : application
}
except:
# todo: except what?
applications[i] = {
'actions' : [],
'application' : application
}
return { return {
'applications': applications, 'applications': applications,
'min_supporters': int(config['application_min_supporters']), 'min_supporters': int(config['application_min_supporters']),