Commit 992af3cc authored by Georgios D. Tsoukalas's avatar Georgios D. Tsoukalas
Browse files

fix project admin permissions

parent 10049d18
......@@ -664,7 +664,8 @@ def submit_application(kw, request_user=None):
if (request_user and
(not precursor.owner == request_user and
not request_user.is_superuser)):
not request_user.is_superuser
and not request_user.is_project_admin())):
m = _(astakos_messages.NOT_ALLOWED)
raise PermissionDenied(m)
......
......@@ -1620,12 +1620,6 @@ class ProjectApplication(models.Model):
except Project.DoesNotExist:
return None
def can_be_approved(self):
return self.state == self.PENDING
def can_be_dismissed(self):
return self.state == self.DENIED
def can_cancel(self):
return self.state == self.PENDING
......
......@@ -65,7 +65,7 @@
{% endif %}
{% if admin_mode %}
{% if object.can_be_approved %}
{% if object.can_approve %}
- <a style="font-size:0.7em"
href="{% url astakos.im.views.project_app_approve object.pk %}">
APPROVE</a>
......@@ -76,7 +76,7 @@
{% endif %}
{% if owner_mode %}
{% if object.can_be_dismissed %}
{% if object.can_dismiss %}
- <a style="font-size:0.7em"
href="{% url astakos.im.views.project_app_dismiss object.pk %}">
DISMISS</a>
......
......@@ -1144,7 +1144,8 @@ def project_modify(request, application_id):
except ProjectApplication.DoesNotExist:
raise Http404
if not request.user.owns_application(app):
user = request.user
if not (user.owns_application(app) or user.is_project_admin(app.id)):
m = _(astakos_messages.NOT_ALLOWED)
raise PermissionDenied(m)
......@@ -1249,11 +1250,11 @@ def common_detail(request, chain_or_app_id, project_view=True):
user = request.user
is_project_admin = user.is_project_admin(application_id=application.id)
is_owner = user.owns_application(application)
if not is_owner and not project_view:
if not (is_owner or is_project_admin) and not project_view:
m = _(astakos_messages.NOT_ALLOWED)
raise PermissionDenied(m)
if (not is_owner and project_view and
if (not (is_owner or is_project_admin) and project_view and
not user.non_owner_can_view(project)):
m = _(astakos_messages.NOT_ALLOWED)
raise PermissionDenied(m)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment