
Fix permissions on deletion

environments/stage/deployments/11
Nikos Roussos 2017-09-26 00:11:08 +03:00
parent ef8d729a24
commit d566c29a1b
No known key found for this signature in database
GPG Key ID: BADFF1767BA7C8E1
1 changed files with 8 additions and 5 deletions


@ -473,12 +473,15 @@ def observation_view(request, id):
@login_required
def observation_delete(request, id):
"""View for deleting observation."""
me = request.user
observation = get_object_or_404(Observation, id=id)
# Having non-existent data is also grounds for deletion if user is staff
if (observation.author == me and observation.is_deletable_before_start) or \
(request.user.has_perm('base.delete_observation') and
observation.is_deletable_after_end):
is_deletable = False
if observation.author == request.user and observation.is_deletable_before_start:
is_deletable = True
if request.user.has_perm('base.delete_observation') and observation.is_deletable_after_end:
is_deletable = True
if request.user.is_superuser:
is_deletable = True
if is_deletable:
observation.delete()
messages.success(request, 'Observation deleted successfully.')
else:
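Review bot: The new `if request.user.is_superuser:` branch sets `is_deletable = True` without consulting `is_deletable_before_start` or `is_deletable_after_end`, so for superusers the state checks that gate the other two branches no longer apply, which presumably includes an observation that is currently running. If that bypass is intended, say so above the branch, e.g. `# Superusers may delete an observation in any state`; if not, combine it with a state check as the `has_perm` branch does. The commit also drops the comment explaining the staff branch ("Having non-existent data is also grounds for deletion if user is staff") without a replacement. Separately, the only decorator visible in the hunk is `@login_required`, so unless something above the hunk restricts the method, `observation.delete()` can be reached by a GET request; `@require_POST` from `django.views.decorators.http` would close that off. The body of `observation_delete` continues past the end of the hunk.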