mitri4
/
LilSchool
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

LIL-450. Fix teacher perms.

Browse Source
remotes/origin/hasaccess
Ivlev Denis 8 years ago
parent 1f663c3d89
commit ebdf1c5dc6
2 changed files with 5 additions and 33 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 34
      apps/course/views.py
  2. 4
      project/templates/blocks/header.html

34
apps/course/views.py
Unescape View File

@ -167,7 +167,7 @@ class CourseEditView(TemplateView):
self.object = Course.objects.create(
author=request.user,
)
if request.user != self.object.author and request.user.role not in [User.ADMIN_ROLE, User.AUTHOR_ROLE]:
if request.user != self.object.author and request.user.role < User.AUTHOR_ROLE:
raise Http404
return super().get(request)
@ -178,34 +178,6 @@ class CourseEditView(TemplateView):
return context
@method_decorator(login_required, name='dispatch')
class CourseLiveEditView(TemplateView):
template_name = 'course/course_edit.html'
def get(self, request, pk=None):
drafts = Course.objects.filter(
author=request.user, status=Course.DRAFT
)
if pk:
self.object = get_object_or_404(Course, pk=pk)
elif drafts.exists():
self.object = drafts.last()
else:
self.object = Course.objects.create(
author=request.user,
)
if request.user != self.object.author and request.user.role not in [User.ADMIN_ROLE, User.AUTHOR_ROLE]:
raise Http404
return super().get(request)
def get_context_data(self):
context = super().get_context_data()
context['live'] = 'true'
if self.object:
context['object'] = self.object
return context
# @method_decorator(login_required, name='dispatch')
class CourseView(DetailView):
model = Course
@ -217,7 +189,7 @@ class CourseView(DetailView):
response = super().get(request, *args, **kwargs)
context = self.get_context_data()
if (not request.user.is_authenticated and self.object.status != Course.PUBLISHED) or\
(request.user.is_authenticated and request.user.role not in [User.AUTHOR_ROLE, User.ADMIN_ROLE] and self.object.author != request.user and self.only_lessons and not context['paid']):
(request.user.is_authenticated and request.user.role < User.AUTHOR_ROLE and self.object.author != request.user and self.only_lessons and not context['paid']):
raise Http404
return response
@ -318,7 +290,7 @@ class LessonView(DetailView):
def get(self, request, *args, **kwargs):
response = super().get(request, *args, **kwargs)
if (self.object.course.status != Course.PUBLISHED and
(request.user.role not in [User.AUTHOR_ROLE, User.ADMIN_ROLE] or
(request.user.role < User.AUTHOR_ROLE or
self.object.course.author != request.user)):
raise Http404
return response

4
project/templates/blocks/header.html
Unescape View File

@ -58,12 +58,12 @@
{{ request.user.balance }} руб.
</a>
{% if request.user.auth_token %}
{% if request.user.role == request.user.AUTHOR_ROLE or request.user.role == request.user.ADMIN_ROLE %}
{% if request.user.role >= request.user.AUTHOR_ROLE %}
<a class="header__link header__link_green" href="{% url 'course_create' %}">
<div class="header__title">ДОБАВИТЬ КУРС</div>
</a>
{% endif %}
{% if request.user.role == request.user.TEACHER_ROLE or request.user.role == request.user.ADMIN_ROLE %}
{% if request.user.role >= request.user.TEACHER_ROLE %}
<a class="header__link header__link_green" href="{% url 'school:lessons-create' %}">
<div class="header__title">ДОБАВИТЬ УРОК ШКОЛЫ</div>
</a>

Write Preview
Loading…
Cancel
Save