fixes Ticket #1443. Do not allow editing or submitting new session requests when the tool is locked. Commit ready for merge.

- Legacy-Id: 8156

ietf/secr/sreq/tests.py

@@ -1,11 +1,16 @@
+import os
+import shutil
+
 from django.core.urlresolvers import reverse
+from django.conf import settings
 
 from ietf.utils.test_utils import TestCase
 from ietf.group.models import Group
+#from ietf.meeting.models import Session
 #from ietf.utils.test_data import make_test_data
 from ietf.meeting.test_data import make_meeting_test_data as make_test_data
 
-#from pyquery import PyQuery
+from pyquery import PyQuery
 
 SECR_USER='secretary'
 
@@ -59,6 +64,47 @@ class SubmitRequestCase(TestCase):
         r = self.client.get(url)
         assert False, r.content
 """
+
+class LockAppTestCase(TestCase):
+    def setUp(self):
+        self.agenda_dir = os.path.abspath("tmp-agenda-dir")
+        os.mkdir(self.agenda_dir)
+        settings.AGENDA_PATH = self.agenda_dir
+        path = os.path.join(self.agenda_dir,'session_request.lock')
+        with open(path, 'w') as f:
+            f.write('App is locked')
+
+    def tearDown(self):
+        shutil.rmtree(self.agenda_dir)
+        
+    def test_edit_request(self):
+        make_test_data()
+        group = Group.objects.get(acronym='mars')
+        url = reverse('sessions_edit',kwargs={'acronym':group.acronym})
+        self.client.login(username="secretary", password="secretary+password")
+        r = self.client.get(url)
+        self.assertEqual(r.status_code, 200)
+        q = PyQuery(r.content)
+        self.assertEqual(len(q(':disabled[name="submit"]')), 1)
+    
+    def test_view_request(self):
+        make_test_data()
+        group = Group.objects.get(acronym='mars')
+        url = reverse('sessions_view',kwargs={'acronym':group.acronym})
+        self.client.login(username="secretary", password="secretary+password")
+        r = self.client.get(url,follow=True)
+        self.assertEqual(r.status_code, 200)
+        q = PyQuery(r.content)
+        self.assertEqual(len(q(':disabled[name="edit"]')), 1)
+        
+    def test_new_request(self):
+        make_test_data()
+        group = Group.objects.get(acronym='mars')
+        url = reverse('sessions_new',kwargs={'acronym':group.acronym})
+        self.client.login(username="secretary", password="secretary+password")
+        r = self.client.get(url)
+        self.assertEqual(r.status_code, 302)
+        
 class EditRequestCase(TestCase):
     pass
     
@@ -73,4 +119,4 @@ class RetrievePreviousCase(TestCase):
     # test error if already scheduled
     # test get previous exists/doesn't exist
     # test that groups scheduled and unscheduled add up to total groups
-    # test locking function, access by unauthorized
+    # test access by unauthorized

ietf/secr/sreq/views.py

@@ -24,7 +24,7 @@ from ietf.person.models import Email
 # Globals
 # -------------------------------------------------
 SESSION_REQUEST_EMAIL = 'session-request@ietf.org'
-LOCKFILE = os.path.join(settings.SECR_PROCEEDINGS_DIR,'session_request.lock')
+LOCKFILE = os.path.join(settings.AGENDA_PATH,'session_request.lock')
 # -------------------------------------------------
 # Helper Functions
 # -------------------------------------------------
@@ -355,6 +355,11 @@ def edit_mtg(request, num, acronym):
     if 'resources' in initial:
         initial['resources'] = [x.pk for x in initial['resources']]
 
+    # check if app is locked
+    is_locked = check_app_locked()
+    if is_locked:
+        messages.warning(request, "The Session Request Tool is closed")
+        
     session_conflicts = session_conflicts_as_string(group, meeting)
     login = request.user.person
 
@@ -467,6 +472,7 @@ def edit_mtg(request, num, acronym):
         form = SessionForm(initial=initial)
 
     return render_to_response('sreq/edit.html', {
+        'is_locked': is_locked,
         'meeting': meeting,
         'form': form,
         'group': group,
@@ -541,11 +547,16 @@ def new(request, acronym):
     This view gathers details for a new session request.  The user proceeds to confirm()
     to create the request.
     '''
-
     group = get_object_or_404(Group, acronym=acronym)
     meeting = get_meeting()
     session_conflicts = session_conflicts_as_string(group, meeting)
 
+    # check if app is locked
+    is_locked = check_app_locked()
+    if is_locked:
+        messages.warning(request, "The Session Request Tool is closed")
+        return redirect('sessions')
+    
     if request.method == 'POST':
         button_text = request.POST.get('submit', '')
         if button_text == 'Cancel':
@@ -689,9 +700,17 @@ def view(request, acronym, num = None):
     group = get_object_or_404(Group, acronym=acronym)
     sessions = Session.objects.filter(~Q(status__in=('canceled','notmeet','deleted')),meeting=meeting,group=group).order_by('id')
 
+    # check if app is locked
+    is_locked = check_app_locked()
+    if is_locked:
+        messages.warning(request, "The Session Request Tool is closed")
+        
     # if there are no session requests yet, redirect to new session request page
     if not sessions:
-        return redirect('sessions_new', acronym=acronym)
+        if is_locked:
+            return redirect('sessions')
+        else:
+            return redirect('sessions_new', acronym=acronym)
 
     # TODO simulate activity records
     activities = [{'act_date':sessions[0].requested.strftime('%b %d, %Y'),
@@ -718,6 +737,7 @@ def view(request, acronym, num = None):
     session = get_initial_session(sessions)
 
     return render_to_response('sreq/view.html', {
+        'is_locked': is_locked,
         'session': session,
         'activities': activities,
         'meeting': meeting,

ietf/secr/templates/includes/sessions_request_form.html

@@ -62,6 +62,12 @@
            </tr>
          </table>
 
-         {% include "includes/buttons_save_cancel.html" %}
+         <div class="button-group">
+           <ul>
+             <li><button type="submit" name="submit" value="Save"{% if is_locked %} disabled{% endif %}>Save</button></li>
+             <li><button type="submit" name="submit" value="Cancel">Cancel</button></li>
+           </ul>
+         </div> <!-- button-group -->
+
 
          </form>

ietf/secr/templates/sreq/view.html

@@ -28,7 +28,7 @@
     
       <div class="button-group">
         <ul>
-          <li><button onclick="window.location='edit/'">Edit</button></li>
+          <li><button name="edit" onclick="window.location='edit/'"{% if is_locked %} disabled{% endif %}>Edit</button></li>
           {% if show_approve_button %}
             <li><button onclick="window.location='approve/'">Approve Third Session</button></li>
           {% endif %}