Refs #39 -- Hide links from users without permission

Raphael Michel
2015-06-23 19:46:50 +02:00
parent b7cbf55db4
commit 7d3e2ec7f2
4 changed files with 139 additions and 121 deletions


@@ -7,7 +7,7 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponseNotFound
from django.utils.translation import ugettext as _
from pretix.base.models import Event, Organizer
from pretix.base.models import Event, Organizer, EventPermission
class PermissionMiddleware:
@@ -54,6 +54,10 @@ class PermissionMiddleware:
permitted__id__exact=request.user.id,
organizer__slug=url.kwargs['organizer'],
).select_related('organizer')[0]
request.eventperm = EventPermission.objects.current.get(
event=request.event,
user=request.user
)
request.organizer = request.event.organizer
except IndexError:
return HttpResponseNotFound(_("The selected event was not found or you "
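Review bot: The new `EventPermission.objects.current.get(...)` call sits in a `try` whose only visible handler is `except IndexError:`, but `.get()` reports a missing row with `EventPermission.DoesNotExist` (or `MultipleObjectsReturned`), not `IndexError`. The event query above it already filters on `permitted__id__exact=request.user.id`, so a row normally exists; if the `current` manager ever disagrees with that join, the request would presumably end in an unhandled exception instead of the 404 below. Widening the handler to `except (IndexError, EventPermission.DoesNotExist):` keeps that failure closed and consistent with the existing "not found or no permission" response. The `try` opens above the hunk and the handler body continues past it, so other handlers may exist that are not visible here.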


@@ -9,104 +9,114 @@
{% trans "Dashboard" %}
</a>
</li>
<li>
<a href="#">
<i class="fa fa-wrench fa-fw"></i>
{% trans "Settings" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
<li>
<a href="{% url 'control:event.settings' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings" == url_name %}class="active"{% endif %}>
{% trans "General" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.permissions' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.permissions" == url_name %}class="active"{% endif %}>
{% trans "Permissions" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.payment' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.payment" == url_name %}class="active"{% endif %}>
{% trans "Payment" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.plugins' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.plugins" == url_name %}class="active"{% endif %} >
{% trans "Plugins" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.tickets' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.tickets" == url_name %}class="active"{% endif %} >
{% trans "Tickets" %}
</a>
</li>
</ul>
</li>
<li>
<a href="#">
<i class="fa fa-ticket fa-fw"></i>
{% trans "Products" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
<li>
<a href="{% url 'control:event.items' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items" == url_name or "event.item." in url_name or url_name == "event.item" %}class="active"{% endif %}>
{% trans "Products" %}</a>
</li>
<li>
<a href="{% url 'control:event.items.quotas' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.quotas" in url_name %}class="active"{% endif %}>
{% trans "Quotas" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.categories' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.categories" in url_name %}class="active"{% endif %}>
{% trans "Categories" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.properties' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.properties" in url_name %}class="active"{% endif %}>
{% trans "Properties" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.questions' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.questions" in url_name %}class="active"{% endif %}>
{% trans "Questions" %}
</a>
</li>
</ul>
</li>
<li>
<a href="#">
<i class="fa fa-shopping-cart fa-fw"></i>
{% trans "Orders" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
<li>
<a href="{% url 'control:event.orders' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if url_name == "event.orders" or "event.order." in url_name %}class="active"{% endif %}>
{% trans "All orders" %}
</a>
</li>
<li>
<a href="{% url 'control:event.orders.overview' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if url_name == "event.orders.overview" %}class="active"{% endif %}>
{% trans "Overview" %}
</a>
</li>
</ul>
</li>
{% if request.eventperm.can_change_settings or request.eventperm.can_change_permissions %}
<li>
<a href="#">
<i class="fa fa-wrench fa-fw"></i>
{% trans "Settings" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
{% if request.eventperm.can_change_settings %}
<li>
<a href="{% url 'control:event.settings' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings" == url_name %}class="active"{% endif %}>
{% trans "General" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.payment' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.payment" == url_name %}class="active"{% endif %}>
{% trans "Payment" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.plugins' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.plugins" == url_name %}class="active"{% endif %} >
{% trans "Plugins" %}
</a>
</li>
<li>
<a href="{% url 'control:event.settings.tickets' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.tickets" == url_name %}class="active"{% endif %} >
{% trans "Tickets" %}
</a>
</li>
{% endif %}
{% if request.eventperm.can_change_permissions %}
<li>
<a href="{% url 'control:event.settings.permissions' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.settings.permissions" == url_name %}class="active"{% endif %}>
{% trans "Permissions" %}
</a>
</li>
{% endif %}
</ul>
</li>
{% endif %}
{% if request.eventperm.can_change_items %}
<li>
<a href="#">
<i class="fa fa-ticket fa-fw"></i>
{% trans "Products" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
<li>
<a href="{% url 'control:event.items' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items" == url_name or "event.item." in url_name or url_name == "event.item" %}class="active"{% endif %}>
{% trans "Products" %}</a>
</li>
<li>
<a href="{% url 'control:event.items.quotas' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.quotas" in url_name %}class="active"{% endif %}>
{% trans "Quotas" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.categories' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.categories" in url_name %}class="active"{% endif %}>
{% trans "Categories" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.properties' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.properties" in url_name %}class="active"{% endif %}>
{% trans "Properties" %}
</a>
</li>
<li>
<a href="{% url 'control:event.items.questions' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if "event.items.questions" in url_name %}class="active"{% endif %}>
{% trans "Questions" %}
</a>
</li>
</ul>
</li>
{% endif %}
{% if request.eventperm.can_view_orders %}
<li>
<a href="#">
<i class="fa fa-shopping-cart fa-fw"></i>
{% trans "Orders" %}
<span class="fa arrow"></span>
</a>
<ul class="nav nav-second-level">
<li>
<a href="{% url 'control:event.orders' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if url_name == "event.orders" or "event.order." in url_name %}class="active"{% endif %}>
{% trans "All orders" %}
</a>
</li>
<li>
<a href="{% url 'control:event.orders.overview' organizer=request.event.organizer.slug event=request.event.slug %}"
{% if url_name == "event.orders.overview" %}class="active"{% endif %}>
{% trans "Overview" %}
</a>
</li>
</ul>
</li>
{% endif %}
{% for nav in nav_event %}
<li>
<a href="{{ nav.url }}" {% if nav.active %}class="active"{% endif %}>
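Review bot: The `{% if request.eventperm.can_… %}` guards only remove menu entries; every `{% url 'control:event.…' %}` target is still reachable by requesting the URL directly, so each view has to check the same flag itself (the middleware hunk only attaches `request.eventperm`, it does not reject anything based on it). Nothing on this page shows those view-side checks, so they should be confirmed before this change is treated as closing the permission gap; the same applies to the `can_change_orders` guard in the order detail template. A short template comment above the guarded block would keep the intent clear, for example `{# Visibility only: the linked views must check the same request.eventperm flag themselves #}`. The `{% for nav in nav_event %}` entries at the end of the hunk are not guarded, so plugin-provided links presumably need their own filtering where `nav_event` is built.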


@@ -12,29 +12,31 @@
{% endblocktrans %}
{% include "pretixcontrol/orders/fragment_order_status.html" with order=order class="pull-right" %}
</h1>
{% if order.status == 'n' or order.status == 'p' %}
<form action="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}"
method="post">
{% csrf_token %}
<div class="btn-toolbar" role="toolbar">
<div class="btn-group" role="group">
{% if order.status == 'n' %}
<button name="status" value="p" class="btn btn-default">{% trans "Mark as paid" %}</button>
<a href="{% url "control:event.order.extend" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}" class="btn btn-default">
{% trans "Extend payment term" %}
</a>
<a href="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}?status=c" class="btn btn-default">
{% trans "Cancel order" %}
</a>
{% elif order.status == 'p' %}
<button name="status" value="n" class="btn btn-default">{% trans "Mark as not paid" %}</button>
<a href="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}?status=r" class="btn btn-default">
{% trans "Refund order" %}
</a>
{% endif %}
{% if request.eventperm.can_change_orders %}
{% if order.status == 'n' or order.status == 'p' %}
<form action="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}"
method="post">
{% csrf_token %}
<div class="btn-toolbar" role="toolbar">
<div class="btn-group" role="group">
{% if order.status == 'n' %}
<button name="status" value="p" class="btn btn-default">{% trans "Mark as paid" %}</button>
<a href="{% url "control:event.order.extend" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}" class="btn btn-default">
{% trans "Extend payment term" %}
</a>
<a href="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}?status=c" class="btn btn-default">
{% trans "Cancel order" %}
</a>
{% elif order.status == 'p' %}
<button name="status" value="n" class="btn btn-default">{% trans "Mark as not paid" %}</button>
<a href="{% url "control:event.order.transition" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}?status=r" class="btn btn-default">
{% trans "Refund order" %}
</a>
{% endif %}
</div>
</div>
</div>
</form>
</form>
{% endif %}
{% endif %}
<div class="panel panel-primary items">
<div class="panel-heading">
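Review bot: Inside the new `can_change_orders` guard, "Cancel order" and "Refund order" are plain links that carry the target state in the query string (`?status=c`, `?status=r`), while "Mark as paid" and "Mark as not paid" go through the POST form with `{% csrf_token %}`. If the transition view acts on a `status` value taken from GET, those two actions run without CSRF protection; if it only renders a confirmation page that then posts, that is fine, but it is not visible on this page. I would record the contract next to the links once it is confirmed in the view, e.g. `{# ?status=c / ?status=r open a confirmation page; the transition itself is POST-only #}`.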