don't edit ticket info or export notes if not authenticated
gitea/scrutiny/pipeline/head This commit looks good
Details
gitea/scrutiny/pipeline/head This commit looks good
Details
This commit is contained in:
parent
19f5d45bf7
commit
80b4d6a6ef
|
@ -1,7 +1,9 @@
|
|||
<tr>
|
||||
<td class="edit">
|
||||
<a rel="popup" class="link-action-icon edit" href="{% url 'issue-edit-info' issue.id %}" data-inplace-submit="true">Editer</a>
|
||||
</td>
|
||||
{% if user.is_authenticated %}
|
||||
<td class="edit">
|
||||
<a rel="popup" class="link-action-icon edit" href="{% url 'issue-edit-info' issue.id %}" data-inplace-submit="true">Editer</a>
|
||||
</td>
|
||||
{% endif %}
|
||||
<td class="doc">
|
||||
{% if issue.info.doc_focus %}<span class="icon doc"></span>{% endif %}
|
||||
</td>
|
||||
|
|
|
@ -13,7 +13,9 @@
|
|||
{% if day.modules %}
|
||||
{% if day.day == 'future' %}
|
||||
<h3>À venir</h3>
|
||||
<a href="{% url 'project-summary-history-future' slug=object.slug %}">Exporter</a>
|
||||
{% if user.is_authenticated %}
|
||||
<a href="{% url 'project-summary-history-future' slug=object.slug %}">Exporter</a>
|
||||
{% endif %}
|
||||
{% else %}
|
||||
<h3>{{ day.day|date:"d/m/Y" }}</h3>
|
||||
<a href="{% url 'project-summary-history-day' slug=object.slug year=day.day.year month=day.day.month day=day.day.day %}">Exporter</a>
|
||||
|
|
|
@ -3,6 +3,7 @@ import json
|
|||
import re
|
||||
|
||||
from django import template
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.http import Http404, HttpResponse, JsonResponse
|
||||
from django.shortcuts import render
|
||||
from django.utils import timezone
|
||||
|
@ -245,6 +246,11 @@ class ProjectSummaryHistoryView(ProjectSummaryHistoryMixin, DetailView):
|
|||
class ProjectSummaryHistoryDayView(ProjectSummaryHistoryMixin, IssuesMixin, DetailView):
|
||||
model = Project
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
if not request.user.is_authenticated:
|
||||
raise PermissionDenied
|
||||
return super().dispatch(request, *args, **kwargs)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.object = self.get_object()
|
||||
day = 'future'
|
||||
|
@ -358,6 +364,8 @@ class IssueInfoUpdate(FormView):
|
|||
success_url = '/'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
if not request.user.is_authenticated:
|
||||
raise PermissionDenied
|
||||
self.issue = Issue(kwargs['issue_id'])
|
||||
return super().dispatch(request, *args, **kwargs)
|
||||
|
||||
|
|
Loading…
Reference in New Issue