Fixed bugs where edit links were appearing for unprivileged users.
This commit is contained in:
parent
6440319bb0
commit
c7995c5241
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
<%def name="context_menu_items()">
|
<%def name="context_menu_items()">
|
||||||
<li>${h.link_to("Back to Customer Groups", url('customer_groups'))}</li>
|
<li>${h.link_to("Back to Customer Groups", url('customer_groups'))}</li>
|
||||||
% if form.readonly:
|
% if form.readonly and request.has_perm('customer_groups.update'):
|
||||||
<li>${h.link_to("Edit this Customer Group", url('customer_group.update', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("Edit this Customer Group", url('customer_group.update', uuid=form.fieldset.model.uuid))}</li>
|
||||||
% elif form.updating:
|
% elif form.updating:
|
||||||
<li>${h.link_to("View this Customer Group", url('customer_group.read', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("View this Customer Group", url('customer_group.read', uuid=form.fieldset.model.uuid))}</li>
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
<%def name="context_menu_items()">
|
<%def name="context_menu_items()">
|
||||||
<li>${h.link_to("Back to Customers", url('customers'))}</li>
|
<li>${h.link_to("Back to Customers", url('customers'))}</li>
|
||||||
% if form.readonly:
|
% if form.readonly and request.has_perm('customers.update'):
|
||||||
<li>${h.link_to("Edit this Customer", url('customer.update', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("Edit this Customer", url('customer.update', uuid=form.fieldset.model.uuid))}</li>
|
||||||
% elif form.updating:
|
% elif form.updating:
|
||||||
<li>${h.link_to("View this Customer", url('customer.read', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("View this Customer", url('customer.read', uuid=form.fieldset.model.uuid))}</li>
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
<%def name="context_menu_items()">
|
<%def name="context_menu_items()">
|
||||||
<li>${h.link_to("Back to Products", url('products'))}</li>
|
<li>${h.link_to("Back to Products", url('products'))}</li>
|
||||||
% if form.readonly:
|
% if form.readonly and request.has_perm('products.update'):
|
||||||
<li>${h.link_to("Edit this Product", url('product.update', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("Edit this Product", url('product.update', uuid=form.fieldset.model.uuid))}</li>
|
||||||
% elif form.updating:
|
% elif form.updating:
|
||||||
<li>${h.link_to("View this Product", url('product.read', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("View this Product", url('product.read', uuid=form.fieldset.model.uuid))}</li>
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
<%def name="context_menu_items()">
|
<%def name="context_menu_items()">
|
||||||
<li>${h.link_to("Back to Stores", url('stores'))}</li>
|
<li>${h.link_to("Back to Stores", url('stores'))}</li>
|
||||||
% if form.readonly:
|
% if form.readonly and request.has_perm('stores.update'):
|
||||||
<li>${h.link_to("Edit this Store", url('store.update', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("Edit this Store", url('store.update', uuid=form.fieldset.model.uuid))}</li>
|
||||||
% elif form.updating:
|
% elif form.updating:
|
||||||
<li>${h.link_to("View this Store", url('store.read', uuid=form.fieldset.model.uuid))}</li>
|
<li>${h.link_to("View this Store", url('store.read', uuid=form.fieldset.model.uuid))}</li>
|
||||||
|
|
|
@ -82,8 +82,12 @@ class CrudView(View):
|
||||||
return self.make_fieldset(model)
|
return self.make_fieldset(model)
|
||||||
|
|
||||||
def make_form(self, model, **kwargs):
|
def make_form(self, model, **kwargs):
|
||||||
self.creating = model is self.mapped_class
|
if self.readonly:
|
||||||
self.updating = not self.creating
|
self.creating = False
|
||||||
|
self.updating = False
|
||||||
|
else:
|
||||||
|
self.creating = model is self.mapped_class
|
||||||
|
self.updating = not self.creating
|
||||||
|
|
||||||
fieldset = self.fieldset(model)
|
fieldset = self.fieldset(model)
|
||||||
kwargs.setdefault('pretty_name', self.pretty_name)
|
kwargs.setdefault('pretty_name', self.pretty_name)
|
||||||
|
|
|
@ -26,9 +26,10 @@
|
||||||
``rattail.pyramid.views.customergroups`` -- CustomerGroup Views
|
``rattail.pyramid.views.customergroups`` -- CustomerGroup Views
|
||||||
"""
|
"""
|
||||||
|
|
||||||
from edbob.pyramid.views import SearchableAlchemyGridView, CrudView
|
from edbob.pyramid.views import SearchableAlchemyGridView
|
||||||
|
|
||||||
import rattail
|
import rattail
|
||||||
|
from rattail.pyramid.views import CrudView
|
||||||
|
|
||||||
|
|
||||||
class CustomerGroupsGrid(SearchableAlchemyGridView):
|
class CustomerGroupsGrid(SearchableAlchemyGridView):
|
||||||
|
|
|
@ -28,9 +28,10 @@
|
||||||
|
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
|
|
||||||
from edbob.pyramid.views import SearchableAlchemyGridView, CrudView
|
from edbob.pyramid.views import SearchableAlchemyGridView
|
||||||
|
|
||||||
import rattail
|
import rattail
|
||||||
|
from rattail.pyramid.views import CrudView
|
||||||
|
|
||||||
|
|
||||||
class StoresGrid(SearchableAlchemyGridView):
|
class StoresGrid(SearchableAlchemyGridView):
|
||||||
|
|
Loading…
Reference in a new issue