FIX: dav_event_office: use has_global_permission instead of has_role to
give access to super users.
This commit is contained in:
@@ -9,8 +9,8 @@ from django.utils.decorators import method_decorator
|
|||||||
from django.views import generic
|
from django.views import generic
|
||||||
|
|
||||||
from dav_events.models import Participant
|
from dav_events.models import Participant
|
||||||
from dav_events.roles import has_role
|
|
||||||
from dav_events.views.events import EventListView as _EventListView, EventRegistrationsView as _EventRegistrationsView
|
from dav_events.views.events import EventListView as _EventListView, EventRegistrationsView as _EventRegistrationsView
|
||||||
|
from dav_events.workflow import DefaultWorkflow
|
||||||
|
|
||||||
|
|
||||||
class HomeView(generic.TemplateView):
|
class HomeView(generic.TemplateView):
|
||||||
@@ -22,8 +22,8 @@ class EventListView(_EventListView):
|
|||||||
|
|
||||||
@method_decorator(login_required)
|
@method_decorator(login_required)
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
if not has_role(request.user, 'office'):
|
if not DefaultWorkflow.has_global_permission(request.user, 'payment'):
|
||||||
raise PermissionDenied('Zugang nur für die Geschäftsstelle')
|
raise PermissionDenied('payment')
|
||||||
return super(EventListView, self).dispatch(request, *args, **kwargs)
|
return super(EventListView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
@@ -32,8 +32,8 @@ class EventDetailView(_EventRegistrationsView):
|
|||||||
|
|
||||||
@method_decorator(login_required)
|
@method_decorator(login_required)
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
if not has_role(request.user, 'office'):
|
if not DefaultWorkflow.has_global_permission(request.user, 'payment'):
|
||||||
raise PermissionDenied('Zugang nur für die Geschäftsstelle')
|
raise PermissionDenied('payment')
|
||||||
return super(EventDetailView, self).dispatch(request, *args, **kwargs)
|
return super(EventDetailView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
@@ -59,6 +59,6 @@ class ParticipantListView(generic.ListView):
|
|||||||
|
|
||||||
@method_decorator(login_required)
|
@method_decorator(login_required)
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
if not has_role(request.user, 'office'):
|
if not DefaultWorkflow.has_global_permission(request.user, 'payment'):
|
||||||
raise PermissionDenied('Zugang nur für die Geschäftsstelle')
|
raise PermissionDenied('payment')
|
||||||
return super(ParticipantListView, self).dispatch(request, *args, **kwargs)
|
return super(ParticipantListView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|||||||
@@ -475,6 +475,8 @@ class BasicWorkflow(object):
|
|||||||
|
|
||||||
if permission == 'export':
|
if permission == 'export':
|
||||||
return has_role(user, 'publisher')
|
return has_role(user, 'publisher')
|
||||||
|
elif permission == 'payment':
|
||||||
|
return has_role(user, 'office')
|
||||||
return False
|
return False
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|||||||
Reference in New Issue
Block a user