From ce122994ccad30b17b5073076bb97ded86f099cf Mon Sep 17 00:00:00 2001 From: Scott Bragg Date: Mon, 13 Jun 2016 21:32:55 +1000 Subject: [PATCH] Changed admin to the 'can_manage' permission and added an is_manager to the page context --- symposion/reviews/views.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/symposion/reviews/views.py b/symposion/reviews/views.py index 037c6742..f6b967e3 100644 --- a/symposion/reviews/views.py +++ b/symposion/reviews/views.py @@ -185,7 +185,7 @@ def review_detail(request, pk): if not request.user.is_superuser and request.user in speakers: return access_not_permitted(request) - admin = request.user.is_staff + admin = request.user.has_perm("reviews.can_manage_%s" % proposal.kind.section.slug) try: latest_vote = LatestVote.objects.get(proposal=proposal, user=request.user) @@ -208,7 +208,7 @@ def review_detail(request, pk): return redirect(request.path) else: message_form = SpeakerCommentForm() - elif "message_submit" in request.POST: + elif "message_submit" in request.POST and admin: message_form = SpeakerCommentForm(request.POST) if message_form.is_valid(): @@ -282,7 +282,8 @@ def review_detail(request, pk): "reviews": reviews, "review_messages": messages, "review_form": review_form, - "message_form": message_form + "message_form": message_form, + "is_manager": admin })