Implemented tag that checks if user is authorized.
This commit is contained in:
parent
7943537276
commit
5035c6fe2f
@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
{% load thumbnail %}
|
{% load thumbnail %}
|
||||||
{% load svg_icon %}
|
{% load svg_icon %}
|
||||||
|
{% load lostplaces %}
|
||||||
|
|
||||||
{% block additional_head %}
|
{% block additional_head %}
|
||||||
<link rel="stylesheet" href="{% static 'maps/ol.css' %}" type="text/css">
|
<link rel="stylesheet" href="{% static 'maps/ol.css' %}" type="text/css">
|
||||||
@ -36,10 +37,8 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<section class="LP-Section">
|
<section class="LP-Section">
|
||||||
|
|
||||||
{% url 'place_tag_submit' place_id=place.id as tag_submit_url%}
|
{% url 'place_tag_submit' place_id=place.id as tag_submit_url%}
|
||||||
{% include 'partials/tagging.html' with config=tagging_config %}
|
{% include 'partials/tagging.html' with config=tagging_config %}
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section class="LP-Section">
|
<section class="LP-Section">
|
||||||
@ -63,7 +62,8 @@
|
|||||||
<a target="_blank" href="{{photo_album.url}}" class="LP-Link">
|
<a target="_blank" href="{{photo_album.url}}" class="LP-Link">
|
||||||
<span class="LP-Text">{{photo_album.label}}</span>
|
<span class="LP-Text">{{photo_album.label}}</span>
|
||||||
</a>
|
</a>
|
||||||
{% if user.explorer == photo_album.submitted_by or user.explorer == place.submitted_by %}
|
{% can_modify_place_asset photo_album request as authorized %}
|
||||||
|
{% if authorized %}
|
||||||
<a href="{% url 'photo_album_delete' pk=photo_album.pk%}" class="LP-Link LP-LinkList__ItemHover" title="Delete Photo Album">
|
<a href="{% url 'photo_album_delete' pk=photo_album.pk%}" class="LP-Link LP-LinkList__ItemHover" title="Delete Photo Album">
|
||||||
<div class="RV-Iconized__Container RV-Iconized__Container--small">
|
<div class="RV-Iconized__Container RV-Iconized__Container--small">
|
||||||
{% icon 'trash' className="RV-Iconized__Icon" %}
|
{% icon 'trash' className="RV-Iconized__Icon" %}
|
||||||
@ -98,7 +98,8 @@
|
|||||||
<a href="{{ place_image.filename.large.url }}" class="LP-Link">
|
<a href="{{ place_image.filename.large.url }}" class="LP-Link">
|
||||||
<img class="LP-Image" src="{{ place_image.filename.thumbnail.url }}">
|
<img class="LP-Image" src="{{ place_image.filename.thumbnail.url }}">
|
||||||
</a>
|
</a>
|
||||||
{% if user.explorer == place_image.submitted_by or user.explorer == place.submitted_by %}
|
{% can_modify_place_asset place_image request as authorized %}
|
||||||
|
{% if authorized %}
|
||||||
<span class="LP-ImageGrid__DeleteItem" title="Bild löschen">
|
<span class="LP-ImageGrid__DeleteItem" title="Bild löschen">
|
||||||
<a href="{% url 'place_image_delete' pk=place_image.id %}" class="LP-Link">
|
<a href="{% url 'place_image_delete' pk=place_image.id %}" class="LP-Link">
|
||||||
<img class="LP-Icon" src="{% static 'icons/cancel.svg' %}" />
|
<img class="LP-Icon" src="{% static 'icons/cancel.svg' %}" />
|
||||||
|
|||||||
@ -26,10 +26,11 @@ def proper_paginate(paginator, current_page, neighbors=2):
|
|||||||
return paginator.page_range
|
return paginator.page_range
|
||||||
|
|
||||||
@register.simple_tag
|
@register.simple_tag
|
||||||
def can_modify_place_asset(place_asset):
|
def can_modify_place_asset(place_asset, request, *args, **kwargs):
|
||||||
|
print(place_asset.place.submitted_by, place_asset.submitted_by, request.user)
|
||||||
if request.user.is_superuser:
|
if request.user.is_superuser:
|
||||||
return True
|
return True
|
||||||
if request.user == ( place_asset.place.submitted_by or place_asset.submitted_by):
|
if request.user.explorer == place_asset.place.submitted_by or request.user.explorer == place_asset.submitted_by:
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user