diff --git a/mgmt/rights.py b/mgmt/rights.py
new file mode 100644
index 0000000..3141903
--- /dev/null
+++ b/mgmt/rights.py
@@ -0,0 +1,27 @@
+
+def set_responsible(bug,user):
+ bug.responsible = user
+
+bug_rights = {
+ (0,1): ('Team',None),
+ (0,4): ('Admin',None),
+ (1,0): ('Admin',None),
+ (1,2): ('Team', set_responsible),
+ (1,4): ('Admin',None),
+ (2,3): ('Team',None),
+ (3,4): ('Team',None),
+ (4,0): ('Team',None) }
+
+def can(user,action,object=None,target=None):
+ if action in ['comment','send bug']:
+ return user.is_authenticated()
+ if action in ['create', 'edit', 'delete']:
+ return user.is_authenticated() and user.has_perm('mgmt.%s.%s' % (object,action))
+ if object.__class__.__name__ == 'Bug':
+ if (object.status,target) in bug_rights:
+ cat,proc = bug_rights[(object.status,target)]
+ if cat=='Team':
+ return user in object.team
+ if cat=='Admin':
+ return user in object.admins
+ return False
diff --git a/mgmt/views.py b/mgmt/views.py
index 6e4b109..df388c9 100644
--- a/mgmt/views.py
+++ b/mgmt/views.py
@@ -11,6 +11,7 @@ import django.newforms as forms
from models import *
from context import add_blocks,debug_messages
+from rights import can
def render_it(template,dict,request):
c = RequestContext(request,dict,[add_blocks,debug_messages])
@@ -49,7 +50,10 @@ def one_project(request,id):
text = text)
c.save()
comments = Comment.objects.filter(object=project)
- form = CommentForm()
+ if can(request.user,'comment'):
+ form = CommentForm()
+ else:
+ form = None
return render_it('project.html',
{'project': project,
'comments': comments,
@@ -69,7 +73,10 @@ def project_bugs(request,id):
text = text)
b.save()
bugs = Bug.objects.filter(project=project)
- form = BugForm()
+ if can(request.user,'send bug'):
+ form = BugForm()
+ else:
+ form = None
return render_it('project_bugs.html',
{'project': project,
'bugs': bugs,
@@ -96,7 +103,10 @@ def one_document(request,id):
text = text)
c.save()
comments = Comment.objects.filter(object=doc)
- form = CommentForm()
+ if can(request.user,'comment'):
+ form = CommentForm()
+ else:
+ form = None
return render_it('document.html',
{'document': doc,
'comments': comments,
@@ -116,7 +126,10 @@ def create_document(request):
project=project)
d.save()
msg = u"Документ создан"
- form = DocForm()
+ if can(request.user,'create','document'):
+ form = DocForm()
+ else:
+ form = None
return render_it('create_doc.html',
{'msg': msg,
'form': form},
diff --git a/settings.py b/settings.py
index ec9526d..7d388a4 100644
--- a/settings.py
+++ b/settings.py
@@ -60,6 +60,10 @@ MIDDLEWARE_CLASSES = (
ROOT_URLCONF = 'projects.urls'
TEMPLATE_CONTEXT_PROCESSORS = (
+ "django.core.context_processors.auth",
+ "django.core.context_processors.debug",
+ "django.core.context_processors.i18n",
+ "django.core.context_processors.media",
'mgmt.context.add_blocks',
)
diff --git a/templates/comments.html b/templates/comments.html
index 6e8973e..eac66dc 100644
--- a/templates/comments.html
+++ b/templates/comments.html
@@ -11,7 +11,9 @@
<p>Комментариев пока нет.</p>
{% endif %}
+{% if form %}
<form method='post' action='.'>
{{ form.as_p }}
<input type='submit' />
</form>
+{% endif %}
diff --git a/templates/create_doc.html b/templates/create_doc.html
index 424494d..8437f7d 100644
--- a/templates/create_doc.html
+++ b/templates/create_doc.html
@@ -11,9 +11,13 @@
</div>
{% endif %}
+{% if form %}
<form method='post' action='.'>
{{form.as_p}}
<input type='submit'/>
</form>
+{% else %}
+ <p>Вы не можете создавать документацию.</p>
+{% endif %}
{% endblock %}
diff --git a/templates/project_bugs.html b/templates/project_bugs.html
index 7e73095..c138727 100644
--- a/templates/project_bugs.html
+++ b/templates/project_bugs.html
@@ -18,9 +18,11 @@
<p>В этом проекте нет багов.</p>
{%endif%}
-<form method='post' action='.'>
- {{form.as_p}}
- <input type='submit'/>
-</form>
+{% if form %}
+ <form method='post' action='.'>
+ {{form.as_p}}
+ <input type='submit'/>
+ </form>
+{% endif %}
{% endblock %}