Little permission fix

This commit is contained in:
Antoine Bartuccio 2016-12-25 22:04:31 +01:00
parent e17fd22a37
commit 5449a4fca2
2 changed files with 3 additions and 1 deletions

View File

@ -362,7 +362,9 @@ th {
{%- endif %} {%- endif %}
<a href="{{url('election:create_list', election_id=object.id)}}">{% trans %}Add a new list{% endtrans %}</a> <a href="{{url('election:create_list', election_id=object.id)}}">{% trans %}Add a new list{% endtrans %}</a>
{%- if user.can_edit(election) %} {%- if user.can_edit(election) %}
{% if election.is_vote_editable %}
<a href="{{url('election:create_role', election_id=object.id)}}">{% trans %}Add a new role{% endtrans %}</a> <a href="{{url('election:create_role', election_id=object.id)}}">{% trans %}Add a new role{% endtrans %}</a>
{% endif %}
<a href="{{url('election:update', election_id=object.id)}}">{% trans %}Edit{% endtrans %}</a> <a href="{{url('election:update', election_id=object.id)}}">{% trans %}Edit{% endtrans %}</a>
{%- endif %} {%- endif %}
</section> </section>

View File

@ -289,7 +289,7 @@ class RoleCreateView(CanCreateMixin, CreateView):
def dispatch(self, request, *arg, **kwargs): def dispatch(self, request, *arg, **kwargs):
self.election = get_object_or_404(Election, pk=kwargs['election_id']) self.election = get_object_or_404(Election, pk=kwargs['election_id'])
if self.election.is_vote_editable: if not self.election.is_vote_editable:
raise PermissionDenied raise PermissionDenied
return super(RoleCreateView, self).dispatch(request, *arg, **kwargs) return super(RoleCreateView, self).dispatch(request, *arg, **kwargs)