Org applications can now only be made by a user when a program allows it.
To do this a new access_type has been added called apply. This ensures that users can only used the seeded version of create.
Also the review_overview now has his own access type to ensure the separability of hosts for different sponsors in case of org app reviews.
Note that the access checks for hosts are broken and only give access to developers at the moment.
Patch by: Lennard de Rijk
Reviewed by: to-be-reviewed
--- a/app/soc/views/models/club_app.py Thu Feb 05 22:13:49 2009 +0000
+++ b/app/soc/views/models/club_app.py Thu Feb 05 22:15:38 2009 +0000
@@ -57,8 +57,10 @@
rights['list'] = ['checkIsUser']
rights['public'] = [('checkCanEditGroupApp',
[club_app_logic.logic])]
+ # TODO(ljvderijk) make sure host role check is fixed
rights['review'] = [('checkHasActiveRole', host_logic.logic),
('checkCanReviewGroupApp', [club_app_logic.logic])]
+ rights['review_overview'] = [('checkHasActiveRole', host_logic.logic)]
new_params = {}
--- a/app/soc/views/models/group_app.py Thu Feb 05 22:13:49 2009 +0000
+++ b/app/soc/views/models/group_app.py Thu Feb 05 22:15:38 2009 +0000
@@ -65,7 +65,7 @@
new_params['create_template'] = 'soc/models/twoline_edit.html'
new_params['edit_template'] = 'soc/models/twoline_edit.html'
- patterns = [(r'^%(url_name)s/(?P<access_type>review)$',
+ patterns = [(r'^%(url_name)s/(?P<access_type>review_overview)$',
'soc.views.models.%(module_name)s.review_overview',
'Review %(name_plural)s'),
(r'^%(url_name)s/(?P<access_type>review)/%(key_fields)s$',
@@ -76,7 +76,7 @@
new_params['sidebar_additional'] = [
('/%(url_name)s/review' % params,
- 'Review %(name_plural)s' % params, 'review')]
+ 'Review %(name_plural)s' % params, 'review_overview')]
new_params['extra_dynaexclude'] = ['applicant', 'backup_admin', 'status',
'created_on', 'last_modified_on']
--- a/app/soc/views/models/org_app.py Thu Feb 05 22:13:49 2009 +0000
+++ b/app/soc/views/models/org_app.py Thu Feb 05 22:15:38 2009 +0000
@@ -29,6 +29,7 @@
from soc.logic import models as model_logic
from soc.logic.models import org_app as org_app_logic
from soc.views.helper import access
+from soc.views.helper import decorators
from soc.views.helper import redirects
from soc.views.models import group_app
from soc.views.models import program as program_view
@@ -48,18 +49,23 @@
params: a dict with params for this View
"""
- #TODO(ljvderijk) do the right rights check
rights = access.Checker(params)
rights['create'] = ['checkIsDeveloper']
rights['delete'] = [('checkCanEditGroupApp',
- [org_app_logic.logic])]
+ [org_app_logic.logic]),
+ ('checkIsActivePeriod', ['org_signup', 'scope_path'])]
rights['edit'] = [('checkCanEditGroupApp',
- [org_app_logic.logic])]
+ [org_app_logic.logic]),
+ ('checkIsActivePeriod', ['org_signup', 'scope_path'])]
rights['list'] = ['checkIsDeveloper']
rights['public'] = [('checkCanEditGroupApp',
[org_app_logic.logic])]
- rights['review'] = ['checkIsDeveloper',
+ # TODO(ljvderijk) fix host access check
+ rights['review'] = ['checkIsHostForProgram',
('checkCanReviewGroupApp', [org_app_logic.logic])]
+ rights['review_overview'] = ['checkIsDeveloper']
+ rights['apply'] = ['checkIsUser',
+ ('checkCanCreateOrgApp', ['org_signup'])]
new_params = {}
@@ -71,6 +77,12 @@
new_params['sidebar_grouping'] = 'Organizations'
+ patterns = [(r'^%(url_name)s/(?P<access_type>apply)/%(scope)s$',
+ 'soc.views.models.%(module_name)s.create',
+ 'Create an %(name_plural)s'),]
+
+ new_params['extra_django_patterns'] = patterns
+
new_params['extra_dynaexclude'] = ['applicant', 'backup_admin', 'status',
'created_on', 'last_modified_on']
--- a/app/soc/views/models/program.py Thu Feb 05 22:13:49 2009 +0000
+++ b/app/soc/views/models/program.py Thu Feb 05 22:15:38 2009 +0000
@@ -199,7 +199,7 @@
if timeline_helper.isActivePeriod(timeline_entity, 'org_signup'):
# add the organization signup link
items += [
- (redirects.getCreateRedirect(program_entity, {'url_name': 'org_app'}),
+ (redirects.getApplyRedirect(program_entity, {'url_name': 'org_app'}),
"Apply to become an Organization", 'any_access')]
return items