Mercurial > hg > savane-forge
changeset 336:caf040382bee
Don't show private items
| author | Sylvain Beucler <beuc@beuc.net> |
|---|---|
| date | Sun, 22 Aug 2010 23:32:21 +0200 |
| parents | 0718a9ef6cd5 |
| children | af82331e34ca |
| files | savane/tracker/models.py savane/tracker/views.py |
| diffstat | 2 files changed, 7 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/savane/tracker/models.py +++ b/savane/tracker/models.py @@ -105,6 +105,9 @@ ) name = models.CharField(max_length=7, choices=NAME_CHOICES, primary_key=True) + def get_public_id_item_field(self): + return 'public_%s' % self.name + def __unicode__(self): "Used in the admin interface fields list" return self.name @@ -385,7 +388,7 @@ # - fields with hard-coded processing summary = models.TextField() details = models.TextField() - privacy = models.IntegerField(default=5) + privacy = models.IntegerField(default=1) discussion_lock = models.IntegerField(default=0) vote = models.IntegerField(default=0) category_id = models.IntegerField(default=100)
--- a/savane/tracker/views.py +++ b/savane/tracker/views.py @@ -33,13 +33,12 @@ @render_to('tracker/item_form.html', mimetype=None) def item_detail(request, tracker, object_id, extra_context={}): - if tracker not in [k for (k,v) in tracker_models.Tracker.NAME_CHOICES]: - raise HttpAppException("Invalid tracker") + tracker = get_object_or_404(tracker_models.Tracker, name=tracker) - kwargs = {'public_%s' % tracker : object_id} + kwargs = {tracker.get_public_id_item_field() : object_id} item = get_object_or_404(tracker_models.Item, **kwargs) - if item.privacy == 1: + if item.privacy == 0: # reverse meaning... # Allowed: members with 'private items' privs if not request.user.is_superuser: raise HttpAppException(_("Access denied") + _(": ") + _("private item"))