Merge pull request #3035 from FinnStutzenstein/Issue3003
Always provide the list of speakers (closes #3003)
This commit is contained in:
commit
cc6d2a6ca9
@ -15,6 +15,7 @@ Agenda:
|
|||||||
- Added option to choose whether to show the current list of speakers slide
|
- Added option to choose whether to show the current list of speakers slide
|
||||||
as a slide or an overlay.
|
as a slide or an overlay.
|
||||||
- Manage speakers on the current list of speakers view.
|
- Manage speakers on the current list of speakers view.
|
||||||
|
- List of speakers for hidden items is always visible.
|
||||||
|
|
||||||
Core:
|
Core:
|
||||||
- Added support for multiple projectors.
|
- Added support for multiple projectors.
|
||||||
|
@ -27,17 +27,29 @@ class ItemAccessPermissions(BaseAccessPermissions):
|
|||||||
Returns the restricted serialized data for the instance prepared
|
Returns the restricted serialized data for the instance prepared
|
||||||
for the user.
|
for the user.
|
||||||
"""
|
"""
|
||||||
if (has_perm(user, 'agenda.can_see') and
|
if has_perm(user, 'agenda.can_see'):
|
||||||
(not full_data['is_hidden'] or
|
if full_data['is_hidden'] and not has_perm(user, 'agenda.can_see_hidden_items'):
|
||||||
has_perm(user, 'agenda.can_see_hidden_items'))):
|
# The data is hidden but the user isn't allowed to see it. Jst pass
|
||||||
if has_perm(user, 'agenda.can_manage'):
|
# the whitelisted keys so the list of speakers is provided regardless.
|
||||||
data = full_data
|
whitelist = (
|
||||||
else:
|
'id',
|
||||||
# Strip out item comments for unprivileged users.
|
'title',
|
||||||
|
'speakers',
|
||||||
|
'speaker_list_closed',
|
||||||
|
'content_object',)
|
||||||
data = {}
|
data = {}
|
||||||
for key in full_data.keys():
|
for key in full_data.keys():
|
||||||
if key != 'comment':
|
if key in whitelist:
|
||||||
data[key] = full_data[key]
|
data[key] = full_data[key]
|
||||||
|
else:
|
||||||
|
if has_perm(user, 'agenda.can_manage'):
|
||||||
|
data = full_data
|
||||||
|
else:
|
||||||
|
# Strip out item comments for unprivileged users.
|
||||||
|
data = {}
|
||||||
|
for key in full_data.keys():
|
||||||
|
if key != 'comment':
|
||||||
|
data[key] = full_data[key]
|
||||||
else:
|
else:
|
||||||
data = None
|
data = None
|
||||||
return data
|
return data
|
||||||
|
@ -104,7 +104,13 @@ angular.module('OpenSlidesApp.agenda.site', [
|
|||||||
$scope.$watch(function () {
|
$scope.$watch(function () {
|
||||||
return Agenda.lastModified();
|
return Agenda.lastModified();
|
||||||
}, function () {
|
}, function () {
|
||||||
$scope.items = AgendaTree.getFlatTree(Agenda.getAll());
|
// Filter out items that doesn't have the list_item_title. This happens, if the
|
||||||
|
// item is a hidden item but provides the list of speakers, but should not be
|
||||||
|
// visible in the list view.
|
||||||
|
var allowedItems = _.filter(Agenda.getAll(), function (item) {
|
||||||
|
return item.list_view_title;
|
||||||
|
});
|
||||||
|
$scope.items = AgendaTree.getFlatTree(allowedItems);
|
||||||
var subitems = $filter('filter')($scope.items, {'parent_id': ''});
|
var subitems = $filter('filter')($scope.items, {'parent_id': ''});
|
||||||
if (subitems.length) {
|
if (subitems.length) {
|
||||||
$scope.agendaHasSubitems = true;
|
$scope.agendaHasSubitems = true;
|
||||||
|
@ -41,7 +41,25 @@ class RetrieveItem(TestCase):
|
|||||||
permission = group.permissions.get(content_type__app_label=app_label, codename=codename)
|
permission = group.permissions.get(content_type__app_label=app_label, codename=codename)
|
||||||
group.permissions.remove(permission)
|
group.permissions.remove(permission)
|
||||||
response = self.client.get(reverse('item-detail', args=[self.item.pk]))
|
response = self.client.get(reverse('item-detail', args=[self.item.pk]))
|
||||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||||
|
self.assertEqual(sorted(response.data.keys()), sorted((
|
||||||
|
'id',
|
||||||
|
'title',
|
||||||
|
'speakers',
|
||||||
|
'speaker_list_closed',
|
||||||
|
'content_object',)))
|
||||||
|
forbidden_keys = (
|
||||||
|
'item_number',
|
||||||
|
'list_view_title',
|
||||||
|
'comment',
|
||||||
|
'closed',
|
||||||
|
'type',
|
||||||
|
'is_hidden',
|
||||||
|
'duration',
|
||||||
|
'weight',
|
||||||
|
'parent',)
|
||||||
|
for key in forbidden_keys:
|
||||||
|
self.assertFalse(key in response.data.keys())
|
||||||
|
|
||||||
def test_normal_by_anonymous_cant_see_agenda_comments(self):
|
def test_normal_by_anonymous_cant_see_agenda_comments(self):
|
||||||
self.item.type = Item.AGENDA_ITEM
|
self.item.type = Item.AGENDA_ITEM
|
||||||
|
Loading…
Reference in New Issue
Block a user