Reverting permissions change

3bbc2800 · Jorran de Wit · 8ccd1f1f · 3bbc2800 · 3bbc2800
Commit 3bbc2800 authored 7 years ago by Jorran de Wit
--- a/production/templates/production/partials/production_stream_card.html
+++ b/production/templates/production/partials/production_stream_card.html
@@ -9,7 +9,7 @@
  <h3>Events</h3>
  {% include 'production/partials/production_events.html' with events=stream.events.all %}

-    {% if "can_work_for_stream" in sub_perms %}
+    {% if "can_perform_supervisory_actions" in sub_perms %}
      {% if perms.scipost.can_publish_accepted_submission or perms.scipost.can_assign_production_supervisor and perms.scipost.can_assign_production_officer %}
          <h3>Actions</h3>
          <ul>
@@ -59,7 +59,7 @@
    <li>Production Officer:
          {% if stream.officer %}
              <strong>{{ stream.officer }}</strong>
-              {% if perms.scipost.can_assign_production_officer and "can_work_for_stream" in sub_perms %}
+              {% if perms.scipost.can_assign_production_officer and "can_perform_supervisory_actions" in sub_perms %}
                  &middot; <a href="{% url 'production:remove_officer' stream_id=stream.id officer_id=stream.officer.id %}" class="text-danger">Remove from stream</a>
              {% endif %}
          {% else %}

--- a/production/views.py
+++ b/production/views.py
@@ -112,7 +112,7 @@ def add_event(request, stream_id):
 def add_officer(request, stream_id):
    stream = get_object_or_404(ProductionStream.objects.ongoing(), pk=stream_id)
    checker = ObjectPermissionChecker(request.user)
-    if not checker.has_perm('can_work_for_stream', stream) or not request.user.has_perm('scipost.can_assign_production_officer'):
+    if not checker.has_perm('can_perform_supervisory_actions', stream):
        return redirect(reverse('production:production'))

    form = AssignOfficerForm(request.POST or None, instance=stream)
@@ -133,7 +133,7 @@ def add_officer(request, stream_id):
 def remove_officer(request, stream_id, officer_id):
    stream = get_object_or_404(ProductionStream.objects.ongoing(), pk=stream_id)
    checker = ObjectPermissionChecker(request.user)
-    if not checker.has_perm('can_work_for_stream', stream) or not request.user.has_perm('scipost.can_assign_production_officer'):
+    if not checker.has_perm('can_perform_supervisory_actions', stream):
        return redirect(reverse('production:production'))

    if getattr(stream.officer, 'id', 0) == int(officer_id):
@@ -155,10 +155,10 @@ def add_supervisor(request, stream_id):
        form.save()
        supervisor = form.cleaned_data.get('supervisor')
        assign_perm('can_work_for_stream', supervisor.user, stream)
+        assign_perm('can_perform_supervisory_actions', supervisor.user, stream)
        messages.success(request, 'Supervisor {supervisor} has been assigned.'.format(
            supervisor=supervisor))
        notify_new_stream_assignment(request.user, stream, supervisor.user)
-        # assign_perm('can_perform_supervisory_actions', supervisor.user, stream)
    else:
        for key, error in form.errors.items():
            messages.warning(request, error[0])