Share code for lock permission checking

Signed-off-by: Michal Čihař <michal@cihar.com>

Share code for lock permission checking
Signed-off-by: Michal Čihař <michal@cihar.com>
cfd8991f · Michal Čihař · 8889a250 · cfd8991f · cfd8991f · cfd8991f
Commit cfd8991f authored Apr 17, 2015 by Michal Čihař
4 changed files
--- a/weblate/html/js/git-status.html
+++ b/weblate/html/js/git-status.html
@@ -7,6 +7,7 @@
 {% can_update_translation user project as user_can_update_translation %}
 {% can_push_translation user project as user_can_push_translation %}
 {% can_reset_translation user project as user_can_reset_translation %}
+{% can_lock_subproject user project as user_can_lock_subproject %}


 <div class="row">
@@ -158,7 +159,7 @@
 {% endif %}


-{% if perms.trans.lock_subproject and object.is_lockable %}
+{% if user_can_lock_subproject and object.is_lockable %}
 {% if object.locked %}
 <tr>
 <td>

--- a/weblate/trans/permissions.py
+++ b/weblate/trans/permissions.py
@@ -192,3 +192,11 @@ def can_reset_translation(user, project):
    Checks whether user can reset translation repository.
    """
    return check_permission(user, project, 'trans.reset_translation')
+
+
+@cache_permission
+def can_lock_subproject(user, project):
+    """
+    Checks whether user can lock translation subproject.
+    """
+    return check_permission(user, project, 'trans.lock_subproject')
--- a/weblate/trans/templatetags/permissions.py
+++ b/weblate/trans/templatetags/permissions.py
@@ -86,3 +86,8 @@ def can_push_translation(user, project):
 @register.assignment_tag
 def can_reset_translation(user, project):
    return weblate.trans.permissions.can_reset_translation(user, project)
+
+
+@register.assignment_tag
+def can_lock_subproject(user, project):
+    return weblate.trans.permissions.can_lock_subproject(user, project)
--- a/weblate/trans/views/lock.py
+++ b/weblate/trans/views/lock.py
@@ -22,38 +22,44 @@ from django.utils.translation import ugettext as _
 from django.http import HttpResponse
 from django.shortcuts import redirect
 from django.contrib import messages
-from django.contrib.auth.decorators import login_required, permission_required
+from django.contrib.auth.decorators import login_required
+from django.core.exceptions import PermissionDenied

 from weblate.trans.views.helper import (
    get_project, get_subproject, get_translation
 )
+from weblate.trans.permissions import can_lock_subproject


-@permission_required('trans.lock_translation')
-def lock_translation(request, project, subproject, lang):
+@login_required
+def update_lock(request, project, subproject, lang):
    obj = get_translation(request, project, subproject, lang)

    if not obj.is_user_locked(request.user):
-        obj.create_lock(request.user, True)
-        messages.success(request, _('Translation is now locked for you.'))
+        obj.update_lock_time()

-    return redirect(obj)
+    return HttpResponse('ok')


-@login_required
-def update_lock(request, project, subproject, lang):
+def lock_translation(request, project, subproject, lang):
    obj = get_translation(request, project, subproject, lang)

+    if not can_lock_subproject(request.user, obj.subproject.project):
+        raise PermissionDenied()
+
    if not obj.is_user_locked(request.user):
-        obj.update_lock_time()
+        obj.create_lock(request.user, True)
+        messages.success(request, _('Translation is now locked for you.'))

-    return HttpResponse('ok')
+    return redirect(obj)


-@permission_required('trans.lock_translation')
 def unlock_translation(request, project, subproject, lang):
    obj = get_translation(request, project, subproject, lang)

+    if not can_lock_subproject(request.user, obj.subproject.project):
+        raise PermissionDenied()
+
    if not obj.is_user_locked(request.user):
        obj.create_lock(None)
        messages.success(
@@ -64,10 +70,12 @@ def unlock_translation(request, project, subproject, lang):
    return redirect(obj)


-@permission_required('trans.lock_subproject')
 def lock_subproject(request, project, subproject):
    obj = get_subproject(request, project, subproject)

+    if not can_lock_subproject(request.user, obj.project):
+        raise PermissionDenied()
+
    obj.commit_pending(request)

    obj.do_lock(request.user)
@@ -80,10 +88,12 @@ def lock_subproject(request, project, subproject):
    return redirect(obj)


-@permission_required('trans.lock_subproject')
 def unlock_subproject(request, project, subproject):
    obj = get_subproject(request, project, subproject)

+    if not can_lock_subproject(request.user, obj.project):
+        raise PermissionDenied()
+
    obj.do_unlock(request.user)

    messages.success(
@@ -94,10 +104,12 @@ def unlock_subproject(request, project, subproject):
    return redirect(obj)


-@permission_required('trans.lock_subproject')
 def lock_project(request, project):
    obj = get_project(request, project)

+    if not can_lock_subproject(request.user, obj):
+        raise PermissionDenied()
+
    obj.commit_pending(request)

    for subproject in obj.subproject_set.all():
@@ -111,10 +123,12 @@ def lock_project(request, project):
    return redirect(obj)


-@permission_required('trans.lock_subproject')
 def unlock_project(request, project):
    obj = get_project(request, project)

+    if not can_lock_subproject(request.user, obj):
+        raise PermissionDenied()
+
    for subproject in obj.subproject_set.all():
        subproject.do_unlock(request.user)