diff --git a/ietf/ietfworkflows/forms.py b/ietf/ietfworkflows/forms.py index bc785192d..5ff14578d 100644 --- a/ietf/ietfworkflows/forms.py +++ b/ietf/ietfworkflows/forms.py @@ -60,7 +60,7 @@ class NoWorkflowStateForm(StreamDraftForm): self.wgs = list(wgs) self.fields['wg'].choices = [(i.group_acronym.pk, i.group_acronym.group_acronym.name) for i in self.wgs] else: - self.onlywg = wgs[0].group_acronym + self.onlywg = list(wgs)[0].group_acronym def save(self): comment = self.cleaned_data.get('comment') diff --git a/ietf/ietfworkflows/templatetags/ietf_streams.py b/ietf/ietfworkflows/templatetags/ietf_streams.py index 0edcbf36d..7e88cf0f2 100644 --- a/ietf/ietfworkflows/templatetags/ietf_streams.py +++ b/ietf/ietfworkflows/templatetags/ietf_streams.py @@ -3,6 +3,8 @@ from django import template from ietf.idrfc.idrfc_wrapper import IdRfcWrapper, IdWrapper from ietf.ietfworkflows.utils import (get_workflow_for_draft, get_state_for_draft) +from ietf.wgchairs.accounts import (can_manage_shepherd_of_a_document, + can_manage_writeup_of_a_document) from ietf.ietfworkflows.streams import get_stream_from_wrapper from ietf.ietfworkflows.accounts import (can_edit_state, can_edit_stream) @@ -65,5 +67,8 @@ def edit_actions(context, wrapper): return { 'can_edit_state': can_edit_state(user, draft), 'can_edit_stream': can_edit_stream(user, draft), + 'can_writeup': can_manage_writeup_of_a_document(user, draft), + 'can_shepherd': can_manage_shepherd_of_a_document(user, draft), + 'draft': draft, 'doc': wrapper, } diff --git a/ietf/ietfworkflows/views.py b/ietf/ietfworkflows/views.py index 515d4856e..083e2501c 100644 --- a/ietf/ietfworkflows/views.py +++ b/ietf/ietfworkflows/views.py @@ -1,4 +1,4 @@ -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, HttpResponseForbidden from django.shortcuts import get_object_or_404, render_to_response from django.template import RequestContext @@ -12,6 +12,7 @@ from ietf.ietfworkflows.utils import (get_workflow_history_for_draft, get_workflow_for_draft, get_annotation_tags_for_draft, get_state_for_draft) +from ietf.ietfworkflows.accounts import (can_edit_state, can_edit_stream) REDUCED_HISTORY_LEN = 20 @@ -46,9 +47,8 @@ def stream_history(request, name): context_instance=RequestContext(request)) -def edit_state(request, name, form_class=DraftTagsStateForm): +def _edit_draft_stream(request, draft, form_class=DraftTagsStateForm): user = request.user - draft = get_object_or_404(InternetDraft, filename=name) workflow = get_workflow_for_draft(draft) if not workflow: form_class = NoWorkflowStateForm @@ -75,5 +75,14 @@ def edit_state(request, name, form_class=DraftTagsStateForm): context_instance=RequestContext(request)) +def edit_state(request, name): + draft = get_object_or_404(InternetDraft, filename=name) + if not can_edit_state(request.user, draft): + return HttpResponseForbidden('You have no permission to access this view') + return _edit_draft_stream(request, draft, DraftTagsStateForm) + def edit_stream(request, name): - return edit_state(request, name, DraftStreamForm) + draft = get_object_or_404(InternetDraft, filename=name) + if not can_edit_stream(request.user, draft): + return HttpResponseForbidden('You have no permission to access this view') + return _edit_draft_stream(request, draft, DraftStreamForm) diff --git a/ietf/templates/ietfworkflows/edit_actions.html b/ietf/templates/ietfworkflows/edit_actions.html index 9e677f71d..e5bd3102e 100644 --- a/ietf/templates/ietfworkflows/edit_actions.html +++ b/ietf/templates/ietfworkflows/edit_actions.html @@ -1,5 +1,7 @@ -
+
{% if can_edit_state %} Change state {% endif %} -{% if can_edit_stream %}{% if can_edit_state %} | {% endif %} Change draft stream{% endif %} +{% if can_edit_stream %}{% if can_edit_state %} | {% endif %}Change draft stream{% endif %} +{% if can_shepherd %}{% if can_edit_state or can_edit_stream %} | {% endif %}Change draft shepherd{% endif %} +{% if can_writeup %}{% if can_edit_state or can_edit_stream or can_writeup %} | {% endif %}Change draft writeup{% endif %}
diff --git a/ietf/templates/wgchairs/shepherd_document_row.html b/ietf/templates/wgchairs/shepherd_document_row.html index dec1a12dc..0a7e03ad3 100644 --- a/ietf/templates/wgchairs/shepherd_document_row.html +++ b/ietf/templates/wgchairs/shepherd_document_row.html @@ -2,10 +2,10 @@ - {{ doc.title }} + {{ doc.title }} - - {{ doc.status.status }} + + Change shepherd {% writeup doc %} diff --git a/ietf/templates/wgchairs/wg_shepherd_documents.html b/ietf/templates/wgchairs/wg_shepherd_documents.html index 0bbbc1074..65435bd94 100644 --- a/ietf/templates/wgchairs/wg_shepherd_documents.html +++ b/ietf/templates/wgchairs/wg_shepherd_documents.html @@ -56,7 +56,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - + diff --git a/ietf/wgchairs/accounts.py b/ietf/wgchairs/accounts.py index f70060fc6..490f26e0b 100644 --- a/ietf/wgchairs/accounts.py +++ b/ietf/wgchairs/accounts.py @@ -1,3 +1,9 @@ +def is_secretariat(user): + if not user or not user.is_authenticated(): + return False + return bool(user.groups.filter(name='Secretariat')) + + def is_area_director_for_group(person, group): return bool(group.area.area.areadirector_set.filter(person=person).count()) @@ -27,35 +33,35 @@ def can_do_wg_workflow_in_group(user, group): person = get_person_for_user(user) if not person: return False - return is_group_chair(person, group) + return (is_secretariat(user) or is_group_chair(person, group)) def can_do_wg_workflow_in_document(user, document): person = get_person_for_user(user) if not person or not document.group: return False - return can_do_wg_workflow_in_group(document.group.ietfwg) + return (is_secretariat(user) or can_do_wg_workflow_in_group(document.group.ietfwg)) def can_manage_workflow_in_group(user, group): person = get_person_for_user(user) if not person: return False - return is_group_chair(person, group) + return (is_secretariat(user) or is_group_chair(person, group)) def can_manage_delegates_in_group(user, group): person = get_person_for_user(user) if not person: return False - return is_group_chair(person, group) + return (is_secretariat(user) or is_group_chair(person, group)) def can_manage_shepherds_in_group(user, group): person = get_person_for_user(user) if not person: return False - return is_group_chair(person, group) + return (is_secretariat(user) or is_group_chair(person, group)) def can_manage_shepherd_of_a_document(user, document): @@ -70,7 +76,8 @@ def can_manage_writeup_of_a_document_no_state(user, document): if not person or not document.group: return False group = document.group.ietfwg - return (is_group_chair(person, group) or + return (is_secretariat(user) or + is_group_chair(person, group) or is_area_director_for_group(person, group) or is_group_delegate(person, group))
DocumentStatusChange shepherd Protocol write-up Protocol write-up last update