liquid_feedback_frontend
changeset 281:b77e6a17ca77
Check unit voting right where neccessary, hide action buttons for units without voting right
line diff
1.1 --- a/app/main/area/show.lua Thu Feb 16 14:08:55 2012 +0100 1.2 +++ b/app/main/area/show.lua Thu Feb 16 15:01:49 2012 +0100 1.3 @@ -50,17 +50,19 @@ 1.4 params = { area_id = area.id } 1.5 } 1.6 1.7 - slot.select("actions", function() 1.8 - ui.link{ 1.9 - content = function() 1.10 - ui.image{ static = "icons/16/folder_add.png" } 1.11 - slot.put(_"Create new issue") 1.12 - end, 1.13 - module = "initiative", 1.14 - view = "new", 1.15 - params = { area_id = area.id } 1.16 - } 1.17 - end) 1.18 + if app.session.member:has_voting_right_for_unit_id(area.unit_id) then 1.19 + slot.select("actions", function() 1.20 + ui.link{ 1.21 + content = function() 1.22 + ui.image{ static = "icons/16/folder_add.png" } 1.23 + slot.put(_"Create new issue") 1.24 + end, 1.25 + module = "initiative", 1.26 + view = "new", 1.27 + params = { area_id = area.id } 1.28 + } 1.29 + end) 1.30 + end 1.31 1.32 1.33 end
2.1 --- a/app/main/delegation/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 2.2 +++ b/app/main/delegation/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 2.3 @@ -12,8 +12,6 @@ 2.4 area_id = nil 2.5 end 2.6 2.7 -local delegation = Delegation:by_pk(truster_id, unit_id, area_id, issue_id) 2.8 - 2.9 if param.get("delete") or trustee_id == -1 then 2.10 2.11 if delegation then 2.12 @@ -33,6 +31,24 @@ 2.13 2.14 else 2.15 2.16 + local check_unit_id 2.17 + if unit_id then 2.18 + check_unit_id = unit_id 2.19 + elseif area_id then 2.20 + local area = Area:by_id(area_id) 2.21 + check_unit_id = area.unit_id 2.22 + else 2.23 + local issue = Issue:by_id(issue_id) 2.24 + local area = Area:by_id(issue.area_id) 2.25 + check_unit_id = area.unit_id 2.26 + end 2.27 + 2.28 + if not app.session.member:has_voting_right_for_unit_id(check_unit_id) then 2.29 + error("access denied") 2.30 + end 2.31 + 2.32 + local delegation = Delegation:by_pk(truster_id, unit_id, area_id, issue_id) 2.33 + 2.34 if not delegation then 2.35 delegation = Delegation:new() 2.36 delegation.truster_id = truster_id
3.1 --- a/app/main/delegation/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 3.2 +++ b/app/main/delegation/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 3.3 @@ -1,4 +1,19 @@ 3.4 function change_delegation(scope, unit_id, area_id, issue, delegation, initiative_id) 3.5 + local check_unit_id 3.6 + if unit_id then 3.7 + check_unit_id = unit_id 3.8 + elseif area_id then 3.9 + local area = Area:by_id(area_id) 3.10 + check_unit_id = area.unit_id 3.11 + else 3.12 + local area = Area:by_id(issue.area_id) 3.13 + check_unit_id = area.unit_id 3.14 + end 3.15 + 3.16 + if not app.session.member:has_voting_right_for_unit_id(check_unit_id) then 3.17 + return 3.18 + end 3.19 + 3.20 local image 3.21 local text 3.22 if scope == "unit" and delegation and delegation.unit_id then
4.1 --- a/app/main/initiative/_action/add_support.lua Thu Feb 16 14:08:55 2012 +0100 4.2 +++ b/app/main/initiative/_action/add_support.lua Thu Feb 16 15:01:49 2012 +0100 4.3 @@ -4,6 +4,10 @@ 4.4 -- TODO important m1 selectors returning result _SET_! 4.5 local issue = initiative:get_reference_selector("issue"):for_share():single_object_mode():exec() 4.6 4.7 +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 4.8 + error("access denied") 4.9 +end 4.10 + 4.11 if issue.closed then 4.12 slot.put_into("error", _"This issue is already closed.") 4.13 return false
5.1 --- a/app/main/initiative/_action/create.lua Thu Feb 16 14:08:55 2012 +0100 5.2 +++ b/app/main/initiative/_action/create.lua Thu Feb 16 15:01:49 2012 +0100 5.3 @@ -33,6 +33,10 @@ 5.4 end 5.5 end 5.6 5.7 +if not app.session.member:has_voting_right_for_unit_id(area.unit_id) then 5.8 + error("access denied") 5.9 +end 5.10 + 5.11 local name = param.get("name") 5.12 5.13 local name = util.trim(name)
6.1 --- a/app/main/initiative/_suggestions.lua Thu Feb 16 14:08:55 2012 +0100 6.2 +++ b/app/main/initiative/_suggestions.lua Thu Feb 16 15:01:49 2012 +0100 6.3 @@ -1,6 +1,11 @@ 6.4 local initiative = param.get("initiative", "table") 6.5 6.6 -if app.session.member_id and not initiative.issue.half_frozen and not initiative.issue.closed and not initiative.revoked then 6.7 +if app.session.member_id 6.8 + and not initiative.issue.half_frozen 6.9 + and not initiative.issue.closed 6.10 + and not initiative.revoked 6.11 + and app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) 6.12 +then 6.13 ui.link{ 6.14 content = function() 6.15 ui.image{ static = "icons/16/comment_add.png" }
7.1 --- a/app/main/interest/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 7.2 +++ b/app/main/interest/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 7.3 @@ -22,6 +22,10 @@ 7.4 return 7.5 end 7.6 7.7 +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 7.8 + error("access denied") 7.9 +end 7.10 + 7.11 if not interest then 7.12 interest = Interest:new() 7.13 interest.issue_id = issue_id
8.1 --- a/app/main/interest/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 8.2 +++ b/app/main/interest/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 8.3 @@ -34,7 +34,7 @@ 8.4 end 8.5 end 8.6 } 8.7 - else 8.8 + elseif app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 8.9 if not issue.closed and not issue.fully_frozen then 8.10 ui.link{ 8.11 image = { static = "icons/16/user_add.png" },
9.1 --- a/app/main/issue/_show_head.lua Thu Feb 16 14:08:55 2012 +0100 9.2 +++ b/app/main/issue/_show_head.lua Thu Feb 16 15:01:49 2012 +0100 9.3 @@ -68,7 +68,7 @@ 9.4 9.5 if app.session.member_id then 9.6 9.7 - if issue.state == 'voting' then 9.8 + if issue.state == 'voting' and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 9.9 local text 9.10 if not direct_voter then 9.11 text = _"Vote now" 9.12 @@ -116,7 +116,7 @@ 9.13 end 9.14 end) 9.15 9.16 -if app.session.member_id then 9.17 +if app.session.member_id and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 9.18 slot.select("actions", function() 9.19 if not issue.fully_frozen and not issue.closed then 9.20 ui.link{ 9.21 @@ -137,7 +137,9 @@ 9.22 config.public_access_issue_head(issue) 9.23 end 9.24 9.25 -if app.session.member_id and issue.state == 'voting' and not direct_voter then 9.26 +if app.session.member_id and issue.state == 'voting' and not direct_voter 9.27 + and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) 9.28 +then 9.29 ui.container{ 9.30 attr = { class = "voting_active_info" }, 9.31 content = function()
10.1 --- a/app/main/member/show_tab.lua Thu Feb 16 14:08:55 2012 +0100 10.2 +++ b/app/main/member/show_tab.lua Thu Feb 16 15:01:49 2012 +0100 10.3 @@ -63,6 +63,7 @@ 10.4 10.5 local selector = Area:new_selector() 10.6 :reset_fields() 10.7 + :join("privilege", nil, { "privilege.unit_id = area.unit_id AND privilege.member_id = ? AND privilege.voting_right", app.session.member_id }) 10.8 :add_field("area.id", nil, { "grouped" }) 10.9 :add_field("area.name", nil, { "grouped" }) 10.10 :add_field("membership.member_id NOTNULL", "is_member", { "grouped" })
11.1 --- a/app/main/membership/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 11.2 +++ b/app/main/membership/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 11.3 @@ -12,6 +12,10 @@ 11.4 end 11.5 11.6 if not membership then 11.7 + local area = Area:by_id(area_id) 11.8 + if not app.session.member:has_voting_right_for_unit_id(area.unit_id) then 11.9 + error("access denied") 11.10 + end 11.11 membership = Membership:new() 11.12 membership.area_id = area_id 11.13 membership.member_id = app.session.member_id
12.1 --- a/app/main/membership/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 12.2 +++ b/app/main/membership/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 12.3 @@ -26,7 +26,7 @@ 12.4 params = { area_id = area.id, delete = true }, 12.5 routing = { default = { mode = "redirect", module = "area", view = "show", id = area.id } } 12.6 } 12.7 - else 12.8 + elseif app.session.member:has_voting_right_for_unit_id(area.unit_id) then 12.9 ui.link{ 12.10 image = { static = "icons/16/user_add.png" }, 12.11 text = _"Become a member",
13.1 --- a/app/main/opinion/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 13.2 +++ b/app/main/opinion/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 13.3 @@ -22,8 +22,6 @@ 13.4 return false 13.5 end 13.6 13.7 - 13.8 - 13.9 if param.get("delete") then 13.10 if opinion then 13.11 opinion:destroy() 13.12 @@ -32,6 +30,13 @@ 13.13 return 13.14 end 13.15 13.16 +local degree = param.get("degree", atom.number) 13.17 +local fulfilled = param.get("fulfilled", atom.boolean) 13.18 + 13.19 +if degree ~= 0 and not app.session.member:has_voting_right_for_unit_id(suggestion.initiative.issue.area.unit_id) then 13.20 + error("access denied") 13.21 +end 13.22 + 13.23 if not opinion then 13.24 opinion = Opinion:new() 13.25 opinion.member_id = member_id 13.26 @@ -39,8 +44,6 @@ 13.27 opinion.fulfilled = false 13.28 end 13.29 13.30 -local degree = param.get("degree", atom.number) 13.31 -local fulfilled = param.get("fulfilled", atom.boolean) 13.32 13.33 if degree ~= nil then 13.34 opinion.degree = degree
14.1 --- a/app/main/suggestion/_action/add.lua Thu Feb 16 14:08:55 2012 +0100 14.2 +++ b/app/main/suggestion/_action/add.lua Thu Feb 16 15:01:49 2012 +0100 14.3 @@ -4,6 +4,12 @@ 14.4 return false 14.5 end 14.6 14.7 +local initiative = Initiative:by_id(param.get("initiative_id", atom.integer)) 14.8 +if not app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) then 14.9 + error("access denied") 14.10 +end 14.11 + 14.12 + 14.13 local name = param.get("name") 14.14 local name = util.trim(name) 14.15
15.1 --- a/app/main/suggestion/_list.lua Thu Feb 16 14:08:55 2012 +0100 15.2 +++ b/app/main/suggestion/_list.lua Thu Feb 16 15:01:49 2012 +0100 15.3 @@ -116,7 +116,8 @@ 15.4 ui.container{ 15.5 attr = { class = "suggestion_my_opinion" }, 15.6 content = function() 15.7 - if app.session.member_id then 15.8 + local has_voting_right = app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) 15.9 + if app.session.member_id and has_voting_right then 15.10 if initiative.issue.state == "voting" or initiative.issue.state == "closed" then 15.11 if degree == -2 then 15.12 ui.tag{ 15.13 @@ -225,6 +226,8 @@ 15.14 partial = partial 15.15 } 15.16 end 15.17 + elseif app.session.member_id then 15.18 + ui.field.text{ value = _"[No voting privilege]" } 15.19 else 15.20 ui.field.text{ value = _"[Registered members only]" } 15.21 end
16.1 --- a/app/main/supporter/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 16.2 +++ b/app/main/supporter/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 16.3 @@ -64,21 +64,18 @@ 16.4 routing = routing, 16.5 partial = partial 16.6 } 16.7 - else 16.8 - 16.9 - if not initiative.revoked then 16.10 - local params = param.get_all_cgi() 16.11 - params.dyn = nil 16.12 - ui.link{ 16.13 - image = { static = "icons/16/thumb_up_green.png" }, 16.14 - text = _"Support this initiative", 16.15 - module = "initiative", 16.16 - action = "add_support", 16.17 - id = initiative.id, 16.18 - routing = routing, 16.19 - partial = partial 16.20 - } 16.21 - end 16.22 + elseif not initiative.revoked and app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) then 16.23 + local params = param.get_all_cgi() 16.24 + params.dyn = nil 16.25 + ui.link{ 16.26 + image = { static = "icons/16/thumb_up_green.png" }, 16.27 + text = _"Support this initiative", 16.28 + module = "initiative", 16.29 + action = "add_support", 16.30 + id = initiative.id, 16.31 + routing = routing, 16.32 + partial = partial 16.33 + } 16.34 end 16.35 end 16.36
17.1 --- a/app/main/vote/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 17.2 +++ b/app/main/vote/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 17.3 @@ -1,5 +1,9 @@ 17.4 local issue = Issue:new_selector():add_where{ "id = ?", param.get("issue_id", atom.integer) }:for_share():single_object_mode():exec() 17.5 17.6 +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then 17.7 + error("access denied") 17.8 +end 17.9 + 17.10 if issue.closed then 17.11 slot.put_into("error", _"This issue is already closed.") 17.12 return false
18.1 --- a/model/member.lua Thu Feb 16 14:08:55 2012 +0100 18.2 +++ b/model/member.lua Thu Feb 16 15:01:49 2012 +0100 18.3 @@ -181,6 +181,17 @@ 18.4 18.5 Member:add_reference{ 18.6 mode = 'mm', 18.7 + to = "Unit", 18.8 + this_key = 'id', 18.9 + that_key = 'id', 18.10 + connected_by_table = 'privilege', 18.11 + connected_by_this_key = 'member_id', 18.12 + connected_by_that_key = 'unit_id', 18.13 + ref = 'units' 18.14 +} 18.15 + 18.16 +Member:add_reference{ 18.17 + mode = 'mm', 18.18 to = "Area", 18.19 this_key = 'id', 18.20 that_key = 'id', 18.21 @@ -432,3 +443,13 @@ 18.22 ui.field.text{ label = args.label, value = _"[not displayed public]" } 18.23 end 18.24 end 18.25 + 18.26 +function Member.object:has_voting_right_for_unit_id(unit_id) 18.27 + return (Privilege:new_selector() 18.28 + :add_where{ "member_id = ?", self.id } 18.29 + :add_where{ "unit_id = ?", unit_id } 18.30 + :add_where("voting_right") 18.31 + :optional_object_mode() 18.32 + :for_share() 18.33 + :exec()) and true or false 18.34 +end 18.35 \ No newline at end of file
19.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 19.2 +++ b/model/privilege.lua Thu Feb 16 15:01:49 2012 +0100 19.3 @@ -0,0 +1,20 @@ 19.4 +Privilege = mondelefant.new_class() 19.5 +Privilege.table = 'privilege' 19.6 + 19.7 + 19.8 +Privilege:add_reference{ 19.9 + mode = 'm1', 19.10 + to = "Member", 19.11 + this_key = 'member_id', 19.12 + that_key = 'id', 19.13 + ref = 'member', 19.14 +} 19.15 + 19.16 +Privilege:add_reference{ 19.17 + mode = 'm1', 19.18 + to = "Unit", 19.19 + this_key = 'unit_id', 19.20 + that_key = 'id', 19.21 + ref = 'unit', 19.22 +} 19.23 +
20.1 --- a/model/unit.lua Thu Feb 16 14:08:55 2012 +0100 20.2 +++ b/model/unit.lua Thu Feb 16 15:01:49 2012 +0100 20.3 @@ -10,6 +10,17 @@ 20.4 back_ref = 'unit' 20.5 } 20.6 20.7 +Unit:add_reference{ 20.8 + mode = 'mm', 20.9 + to = "Member", 20.10 + this_key = 'id', 20.11 + that_key = 'id', 20.12 + connected_by_table = 'privilege', 20.13 + connected_by_this_key = 'unit_id', 20.14 + connected_by_that_key = 'member_id', 20.15 + ref = 'members' 20.16 +} 20.17 + 20.18 function Unit:get_flattened_tree() 20.19 -- TODO implement 20.20