nobody but the user can see the status (needs change)
This commit is contained in:
parent
d7d4143215
commit
7f50cc941a
|
@ -64,6 +64,11 @@ class FormStatusPage(Directory):
|
|||
html_foot()
|
||||
|
||||
def status [html] (self):
|
||||
session = get_session()
|
||||
if not session or self.filled.user_id != session.user:
|
||||
# XXX: allows only for the persons responsible for that type of
|
||||
# form
|
||||
raise wcs.errors.AccessError()
|
||||
html_top(self.formdef.name + ' - ' + self.filled.id)
|
||||
tm = time.strftime(str("%Y-%m-%d %H:%M"), self.filled.receipt_time)
|
||||
"<p>"
|
||||
|
|
Loading…
Reference in New Issue