add canEditRightsLevel flag

This commit is contained in:
j 2014-06-04 10:34:36 +03:00
parent e62c7d30f2
commit e28542578d
5 changed files with 9 additions and 2 deletions

View file

@ -32,6 +32,7 @@
"canEditMedia": {"staff": true, "admin": true}, "canEditMedia": {"staff": true, "admin": true},
"canEditMetadata": {"staff": true, "admin": true}, "canEditMetadata": {"staff": true, "admin": true},
"canEditPlaces": {"staff": true, "admin": true}, "canEditPlaces": {"staff": true, "admin": true},
"canEditRightsLevel": {"staff": true, "admin": true},
"canEditSitePages": {"staff": true, "admin": true}, "canEditSitePages": {"staff": true, "admin": true},
"canEditUsers": {"admin": true}, "canEditUsers": {"admin": true},
"canImportAnnotations": {}, "canImportAnnotations": {},

View file

@ -33,6 +33,7 @@
"canEditMedia": {"researcher": true, "staff": true, "admin": true}, "canEditMedia": {"researcher": true, "staff": true, "admin": true},
"canEditMetadata": {"researcher": true, "staff": true, "admin": true}, "canEditMetadata": {"researcher": true, "staff": true, "admin": true},
"canEditPlaces": {"researcher": true, "staff": true, "admin": true}, "canEditPlaces": {"researcher": true, "staff": true, "admin": true},
"canEditRightsLevel": {"researcher": true, "staff": true, "admin": true},
"canEditSitePages": {"staff": true, "admin": true}, "canEditSitePages": {"staff": true, "admin": true},
"canEditUsers": {"staff": true, "admin": true}, "canEditUsers": {"staff": true, "admin": true},
"canImportAnnotations": {"researcher": true, "staff": true, "admin": true}, "canImportAnnotations": {"researcher": true, "staff": true, "admin": true},

View file

@ -32,6 +32,7 @@
"canEditMedia": {"staff": true, "admin": true}, "canEditMedia": {"staff": true, "admin": true},
"canEditMetadata": {"staff": true, "admin": true}, "canEditMetadata": {"staff": true, "admin": true},
"canEditPlaces": {"staff": true, "admin": true}, "canEditPlaces": {"staff": true, "admin": true},
"canEditRightsLevel": {"member": true, "staff": true, "admin": true},
"canEditSitePages": {"staff": true, "admin": true}, "canEditSitePages": {"staff": true, "admin": true},
"canEditUsers": {"admin": true}, "canEditUsers": {"admin": true},
"canImportAnnotations": {"member": true, "staff": true, "admin": true}, "canImportAnnotations": {"member": true, "staff": true, "admin": true},

View file

@ -32,6 +32,7 @@
"canEditMedia": {"staff": true, "admin": true}, "canEditMedia": {"staff": true, "admin": true},
"canEditMetadata": {"staff": true, "admin": true}, "canEditMetadata": {"staff": true, "admin": true},
"canEditPlaces": {"staff": true, "admin": true}, "canEditPlaces": {"staff": true, "admin": true},
"canEditRightsLevel": {"member": true, "staff": true, "admin": true},
"canEditSitePages": {"staff": true, "admin": true}, "canEditSitePages": {"staff": true, "admin": true},
"canEditUsers": {"admin": true}, "canEditUsers": {"admin": true},
"canImportAnnotations": {"member": true, "staff": true, "admin": true}, "canImportAnnotations": {"member": true, "staff": true, "admin": true},

View file

@ -555,7 +555,10 @@ def edit(request):
item.log() item.log()
response = json_response(status=200, text='ok') response = json_response(status=200, text='ok')
if 'rightslevel' in data: if 'rightslevel' in data:
item.level = int(data['rightslevel']) if request.user.get_profile().capability('canEditRightsLevel') == True:
item.level = int(data['rightslevel'])
else:
response = json_response(status=403, text='permission denied')
del data['rightslevel'] del data['rightslevel']
if 'user' in data: if 'user' in data:
if request.user.get_profile().get_level() in ('admin', 'staff') and \ if request.user.get_profile().get_level() in ('admin', 'staff') and \
@ -572,7 +575,7 @@ def edit(request):
tasks.update_clips.delay(item.itemId) tasks.update_clips.delay(item.itemId)
response['data'] = item.get_json() response['data'] = item.get_json()
else: else:
response = json_response(status=403, text='permissino denied') response = json_response(status=403, text='permission denied')
return render_to_json_response(response) return render_to_json_response(response)
actions.register(edit, cache=False) actions.register(edit, cache=False)