# HG changeset patch # User bsw # Date 1329400909 -3600 # Node ID b77e6a17ca77e991c7e6a1d37d3631c11476ff15 # Parent 808269b7f41cfab9b1bef2e447cadd16f2a4b230 Check unit voting right where neccessary, hide action buttons for units without voting right diff -r 808269b7f41c -r b77e6a17ca77 app/main/area/show.lua --- a/app/main/area/show.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/area/show.lua Thu Feb 16 15:01:49 2012 +0100 @@ -50,17 +50,19 @@ params = { area_id = area.id } } - slot.select("actions", function() - ui.link{ - content = function() - ui.image{ static = "icons/16/folder_add.png" } - slot.put(_"Create new issue") - end, - module = "initiative", - view = "new", - params = { area_id = area.id } - } - end) + if app.session.member:has_voting_right_for_unit_id(area.unit_id) then + slot.select("actions", function() + ui.link{ + content = function() + ui.image{ static = "icons/16/folder_add.png" } + slot.put(_"Create new issue") + end, + module = "initiative", + view = "new", + params = { area_id = area.id } + } + end) + end end diff -r 808269b7f41c -r b77e6a17ca77 app/main/delegation/_action/update.lua --- a/app/main/delegation/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/delegation/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 @@ -12,8 +12,6 @@ area_id = nil end -local delegation = Delegation:by_pk(truster_id, unit_id, area_id, issue_id) - if param.get("delete") or trustee_id == -1 then if delegation then @@ -33,6 +31,24 @@ else + local check_unit_id + if unit_id then + check_unit_id = unit_id + elseif area_id then + local area = Area:by_id(area_id) + check_unit_id = area.unit_id + else + local issue = Issue:by_id(issue_id) + local area = Area:by_id(issue.area_id) + check_unit_id = area.unit_id + end + + if not app.session.member:has_voting_right_for_unit_id(check_unit_id) then + error("access denied") + end + + local delegation = Delegation:by_pk(truster_id, unit_id, area_id, issue_id) + if not delegation then delegation = Delegation:new() delegation.truster_id = truster_id diff -r 808269b7f41c -r b77e6a17ca77 app/main/delegation/_show_box.lua --- a/app/main/delegation/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/delegation/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 @@ -1,4 +1,19 @@ function change_delegation(scope, unit_id, area_id, issue, delegation, initiative_id) + local check_unit_id + if unit_id then + check_unit_id = unit_id + elseif area_id then + local area = Area:by_id(area_id) + check_unit_id = area.unit_id + else + local area = Area:by_id(issue.area_id) + check_unit_id = area.unit_id + end + + if not app.session.member:has_voting_right_for_unit_id(check_unit_id) then + return + end + local image local text if scope == "unit" and delegation and delegation.unit_id then diff -r 808269b7f41c -r b77e6a17ca77 app/main/initiative/_action/add_support.lua --- a/app/main/initiative/_action/add_support.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/initiative/_action/add_support.lua Thu Feb 16 15:01:49 2012 +0100 @@ -4,6 +4,10 @@ -- TODO important m1 selectors returning result _SET_! local issue = initiative:get_reference_selector("issue"):for_share():single_object_mode():exec() +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then + error("access denied") +end + if issue.closed then slot.put_into("error", _"This issue is already closed.") return false diff -r 808269b7f41c -r b77e6a17ca77 app/main/initiative/_action/create.lua --- a/app/main/initiative/_action/create.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/initiative/_action/create.lua Thu Feb 16 15:01:49 2012 +0100 @@ -33,6 +33,10 @@ end end +if not app.session.member:has_voting_right_for_unit_id(area.unit_id) then + error("access denied") +end + local name = param.get("name") local name = util.trim(name) diff -r 808269b7f41c -r b77e6a17ca77 app/main/initiative/_suggestions.lua --- a/app/main/initiative/_suggestions.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/initiative/_suggestions.lua Thu Feb 16 15:01:49 2012 +0100 @@ -1,6 +1,11 @@ local initiative = param.get("initiative", "table") -if app.session.member_id and not initiative.issue.half_frozen and not initiative.issue.closed and not initiative.revoked then +if app.session.member_id + and not initiative.issue.half_frozen + and not initiative.issue.closed + and not initiative.revoked + and app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) +then ui.link{ content = function() ui.image{ static = "icons/16/comment_add.png" } diff -r 808269b7f41c -r b77e6a17ca77 app/main/interest/_action/update.lua --- a/app/main/interest/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/interest/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 @@ -22,6 +22,10 @@ return end +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then + error("access denied") +end + if not interest then interest = Interest:new() interest.issue_id = issue_id diff -r 808269b7f41c -r b77e6a17ca77 app/main/interest/_show_box.lua --- a/app/main/interest/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/interest/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 @@ -34,7 +34,7 @@ end end } - else + elseif app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then if not issue.closed and not issue.fully_frozen then ui.link{ image = { static = "icons/16/user_add.png" }, diff -r 808269b7f41c -r b77e6a17ca77 app/main/issue/_show_head.lua --- a/app/main/issue/_show_head.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/issue/_show_head.lua Thu Feb 16 15:01:49 2012 +0100 @@ -68,7 +68,7 @@ if app.session.member_id then - if issue.state == 'voting' then + if issue.state == 'voting' and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then local text if not direct_voter then text = _"Vote now" @@ -116,7 +116,7 @@ end end) -if app.session.member_id then +if app.session.member_id and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then slot.select("actions", function() if not issue.fully_frozen and not issue.closed then ui.link{ @@ -137,7 +137,9 @@ config.public_access_issue_head(issue) end -if app.session.member_id and issue.state == 'voting' and not direct_voter then +if app.session.member_id and issue.state == 'voting' and not direct_voter + and app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) +then ui.container{ attr = { class = "voting_active_info" }, content = function() diff -r 808269b7f41c -r b77e6a17ca77 app/main/member/show_tab.lua --- a/app/main/member/show_tab.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/member/show_tab.lua Thu Feb 16 15:01:49 2012 +0100 @@ -63,6 +63,7 @@ local selector = Area:new_selector() :reset_fields() + :join("privilege", nil, { "privilege.unit_id = area.unit_id AND privilege.member_id = ? AND privilege.voting_right", app.session.member_id }) :add_field("area.id", nil, { "grouped" }) :add_field("area.name", nil, { "grouped" }) :add_field("membership.member_id NOTNULL", "is_member", { "grouped" }) diff -r 808269b7f41c -r b77e6a17ca77 app/main/membership/_action/update.lua --- a/app/main/membership/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/membership/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 @@ -12,6 +12,10 @@ end if not membership then + local area = Area:by_id(area_id) + if not app.session.member:has_voting_right_for_unit_id(area.unit_id) then + error("access denied") + end membership = Membership:new() membership.area_id = area_id membership.member_id = app.session.member_id diff -r 808269b7f41c -r b77e6a17ca77 app/main/membership/_show_box.lua --- a/app/main/membership/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/membership/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 @@ -26,7 +26,7 @@ params = { area_id = area.id, delete = true }, routing = { default = { mode = "redirect", module = "area", view = "show", id = area.id } } } - else + elseif app.session.member:has_voting_right_for_unit_id(area.unit_id) then ui.link{ image = { static = "icons/16/user_add.png" }, text = _"Become a member", diff -r 808269b7f41c -r b77e6a17ca77 app/main/opinion/_action/update.lua --- a/app/main/opinion/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/opinion/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 @@ -22,8 +22,6 @@ return false end - - if param.get("delete") then if opinion then opinion:destroy() @@ -32,6 +30,13 @@ return end +local degree = param.get("degree", atom.number) +local fulfilled = param.get("fulfilled", atom.boolean) + +if degree ~= 0 and not app.session.member:has_voting_right_for_unit_id(suggestion.initiative.issue.area.unit_id) then + error("access denied") +end + if not opinion then opinion = Opinion:new() opinion.member_id = member_id @@ -39,8 +44,6 @@ opinion.fulfilled = false end -local degree = param.get("degree", atom.number) -local fulfilled = param.get("fulfilled", atom.boolean) if degree ~= nil then opinion.degree = degree diff -r 808269b7f41c -r b77e6a17ca77 app/main/suggestion/_action/add.lua --- a/app/main/suggestion/_action/add.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/suggestion/_action/add.lua Thu Feb 16 15:01:49 2012 +0100 @@ -4,6 +4,12 @@ return false end +local initiative = Initiative:by_id(param.get("initiative_id", atom.integer)) +if not app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) then + error("access denied") +end + + local name = param.get("name") local name = util.trim(name) diff -r 808269b7f41c -r b77e6a17ca77 app/main/suggestion/_list.lua --- a/app/main/suggestion/_list.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/suggestion/_list.lua Thu Feb 16 15:01:49 2012 +0100 @@ -116,7 +116,8 @@ ui.container{ attr = { class = "suggestion_my_opinion" }, content = function() - if app.session.member_id then + local has_voting_right = app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) + if app.session.member_id and has_voting_right then if initiative.issue.state == "voting" or initiative.issue.state == "closed" then if degree == -2 then ui.tag{ @@ -225,6 +226,8 @@ partial = partial } end + elseif app.session.member_id then + ui.field.text{ value = _"[No voting privilege]" } else ui.field.text{ value = _"[Registered members only]" } end diff -r 808269b7f41c -r b77e6a17ca77 app/main/supporter/_show_box.lua --- a/app/main/supporter/_show_box.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/supporter/_show_box.lua Thu Feb 16 15:01:49 2012 +0100 @@ -64,21 +64,18 @@ routing = routing, partial = partial } - else - - if not initiative.revoked then - local params = param.get_all_cgi() - params.dyn = nil - ui.link{ - image = { static = "icons/16/thumb_up_green.png" }, - text = _"Support this initiative", - module = "initiative", - action = "add_support", - id = initiative.id, - routing = routing, - partial = partial - } - end + elseif not initiative.revoked and app.session.member:has_voting_right_for_unit_id(initiative.issue.area.unit_id) then + local params = param.get_all_cgi() + params.dyn = nil + ui.link{ + image = { static = "icons/16/thumb_up_green.png" }, + text = _"Support this initiative", + module = "initiative", + action = "add_support", + id = initiative.id, + routing = routing, + partial = partial + } end end diff -r 808269b7f41c -r b77e6a17ca77 app/main/vote/_action/update.lua --- a/app/main/vote/_action/update.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/app/main/vote/_action/update.lua Thu Feb 16 15:01:49 2012 +0100 @@ -1,5 +1,9 @@ local issue = Issue:new_selector():add_where{ "id = ?", param.get("issue_id", atom.integer) }:for_share():single_object_mode():exec() +if not app.session.member:has_voting_right_for_unit_id(issue.area.unit_id) then + error("access denied") +end + if issue.closed then slot.put_into("error", _"This issue is already closed.") return false diff -r 808269b7f41c -r b77e6a17ca77 model/member.lua --- a/model/member.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/model/member.lua Thu Feb 16 15:01:49 2012 +0100 @@ -181,6 +181,17 @@ Member:add_reference{ mode = 'mm', + to = "Unit", + this_key = 'id', + that_key = 'id', + connected_by_table = 'privilege', + connected_by_this_key = 'member_id', + connected_by_that_key = 'unit_id', + ref = 'units' +} + +Member:add_reference{ + mode = 'mm', to = "Area", this_key = 'id', that_key = 'id', @@ -432,3 +443,13 @@ ui.field.text{ label = args.label, value = _"[not displayed public]" } end end + +function Member.object:has_voting_right_for_unit_id(unit_id) + return (Privilege:new_selector() + :add_where{ "member_id = ?", self.id } + :add_where{ "unit_id = ?", unit_id } + :add_where("voting_right") + :optional_object_mode() + :for_share() + :exec()) and true or false +end \ No newline at end of file diff -r 808269b7f41c -r b77e6a17ca77 model/privilege.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/model/privilege.lua Thu Feb 16 15:01:49 2012 +0100 @@ -0,0 +1,20 @@ +Privilege = mondelefant.new_class() +Privilege.table = 'privilege' + + +Privilege:add_reference{ + mode = 'm1', + to = "Member", + this_key = 'member_id', + that_key = 'id', + ref = 'member', +} + +Privilege:add_reference{ + mode = 'm1', + to = "Unit", + this_key = 'unit_id', + that_key = 'id', + ref = 'unit', +} + diff -r 808269b7f41c -r b77e6a17ca77 model/unit.lua --- a/model/unit.lua Thu Feb 16 14:08:55 2012 +0100 +++ b/model/unit.lua Thu Feb 16 15:01:49 2012 +0100 @@ -10,6 +10,17 @@ back_ref = 'unit' } +Unit:add_reference{ + mode = 'mm', + to = "Member", + this_key = 'id', + that_key = 'id', + connected_by_table = 'privilege', + connected_by_this_key = 'unit_id', + connected_by_that_key = 'member_id', + ref = 'members' +} + function Unit:get_flattened_tree() -- TODO implement