Add common permission for sending user feedback

there can be valid reasons to *not* expose that, so let admin decide
This commit is contained in:
Lance Edgar 2020-03-23 19:33:00 -05:00
parent 51e1a85f0b
commit e04e67774e
4 changed files with 17 additions and 8 deletions

View file

@ -119,7 +119,8 @@ class CommonView(APIView):
# feedback
feedback = Service(name='feedback', path='/feedback')
feedback.add_view('POST', 'feedback', klass=cls)
feedback.add_view('POST', 'feedback', klass=cls,
permission='common.feedback')
config.add_cornice_service(feedback)

View file

@ -71,7 +71,9 @@
% if help_url is not Undefined and help_url:
${h.link_to("Help", help_url, target='_blank', class_='button')}
% endif
<button type="button" id="feedback">Feedback</button>
% if request.has_perm('common.feedback'):
<button type="button" id="feedback">Feedback</button>
% endif
</div>
% if expose_theme_picker and request.has_perm('common.change_app_theme'):

View file

@ -330,9 +330,11 @@
% endif
## Feedback Button / Dialog
<feedback-form
action="${url('feedback')}">
</feedback-form>
% if request.has_perm('common.feedback'):
<feedback-form
action="${url('feedback')}">
</feedback-form>
% endif
</div><!-- level-right -->
</nav><!-- level -->

View file

@ -2,7 +2,7 @@
################################################################################
#
# Rattail -- Retail Software Framework
# Copyright © 2010-2019 Lance Edgar
# Copyright © 2010-2020 Lance Edgar
#
# This file is part of Rattail.
#
@ -229,10 +229,14 @@ class CommonView(View):
config.add_view(cls, attr='change_theme', route_name='change_theme')
# feedback
config.add_tailbone_permission('common', 'common.feedback',
"Send user feedback (to admins) about the app")
config.add_route('feedback', '/feedback', request_method='POST')
config.add_view(cls, attr='feedback', route_name='feedback', renderer='json')
config.add_view(cls, attr='feedback', route_name='feedback',
renderer='json', permission='common.feedback')
config.add_route('mobile.feedback', '/mobile/feedback', request_method='POST')
config.add_view(cls, attr='mobile_feedback', route_name='mobile.feedback', renderer='json')
config.add_view(cls, attr='mobile_feedback', route_name='mobile.feedback',
renderer='json', permission='common.feedback')
# consume batch ID
config.add_tailbone_permission('common', 'common.consume_batch_id',