0x2620
/
pandora
2
1
Fork 1
Code Issues 1.3k Pull Requests Releases Wiki Activity

only admins can change rightslevel

This commit is contained in:
j 2018-05-31 17:27:05 +02:00
parent 717248bc73
commit 7acc562b53
2 changed files with 21 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora/user/views.py
View File

@ -362,7 +362,7 @@ def editUser(request, data):
response = json_response(status=403, text='email already in use')
return render_to_json_response(response)
user.email = data['email']
if 'level' in data:
if 'level' in data and request.user.profile.get_level() == 'admin':
profile.set_level(data['level'])
if 'notes' in data:
profile.notes = data['notes']

32
static/js/usersDialog.js
View File

@ -680,19 +680,27 @@ pandora.ui.usersDialog = function() {
}
}),
Ox.Select({
id: 'level',
items: pandora.site.userLevels.slice(1).map(function(level) {
return {
id: level,
title: Ox.toTitleCase(level)
};
pandora.user.level == 'admin'
? Ox.Select({
id: 'level',
items: pandora.site.userLevels.slice(1).map(function(level) {
return {
id: level,
title: Ox.toTitleCase(level)
};
}),
label: Ox._('Level'),
labelWidth: 80,
value: user.level,
width: formWidth - 16
}) : Ox.Input({
disabled: true,
id: 'level',
label: Ox._('Level'),
labelWidth: 80,
value: Ox.toTitleCase(user.level),
width: formWidth - 16
}),
label: Ox._('Level'),
labelWidth: 80,
value: user.level,
width: formWidth - 16
}),
Ox.Checkbox({
id: 'newsletter',
label: Ox._('Newsletter'),