Changed the access checks for organization.
authorLennard de Rijk <ljvderijk@gmail.com>
Wed, 11 Feb 2009 20:55:17 +0000 (2009-02-11)
changeset 1266 e8feadcbc47f
parent 1265 cecb2b35f805
child 1267 157c12589f79
Changed the access checks for organization. This should allow normal users to use organizations as well. Patch by: Lennard de Rijk Reviewed by: to-be-reviewed
app/soc/views/models/organization.py
--- a/app/soc/views/models/organization.py	Wed Feb 11 20:10:53 2009 +0000
+++ b/app/soc/views/models/organization.py	Wed Feb 11 20:55:17 2009 +0000
@@ -27,6 +27,8 @@
 
 from soc.logic import cleaning
 from soc.logic import dicts
+from soc.logic.models import organization as org_logic
+from soc.logic.models import org_admin as org_admin_logic
 from soc.logic.models import org_app as org_app_logic
 from soc.views.helper import access
 from soc.views.helper import dynaform
@@ -51,16 +53,20 @@
       original_params: a dict with params for this View
     """
 
-    # TODO do the proper access checks
     rights = access.Checker(params)
     rights['create'] = ['checkIsDeveloper']
-    rights['edit'] = ['checkIsDeveloper']
+    rights['edit'] = [('checkHasActiveRoleForScope', 
+                           [org_admin_logic.logic, 'link_id']),
+                      ('checkIsActive', [org_logic.logic, None])]
     rights['delete'] = ['checkIsDeveloper']
     rights['home'] = ['allow']
     rights['list'] = ['checkIsDeveloper']
-    rights['list_requests'] = ['checkIsDeveloper']
-    rights['list_roles'] = ['checkIsDeveloper']
-    rights['applicant'] = ['checkIsDeveloper']
+    rights['list_requests'] = [('checkHasActiveRoleForScope', 
+                                [org_admin_logic.logic, 'link_id'])]
+    rights['list_roles'] = [('checkHasActiveRoleForScope', 
+                             [org_admin_logic.logic, 'link_id'])]
+    rights['applicant'] = [('checkIsApplicationAccepted',
+                            org_app_logic.logic)]
 
     new_params = {}
     new_params['logic'] = soc.logic.models.organization.logic