From 8b77efbfabfb3d65b0400e123025c02346454214 Mon Sep 17 00:00:00 2001
From: Dan McGee <dan@archlinux.org>
Date: Thu, 3 Mar 2011 14:59:04 -0600
Subject: Template fine-grained permissioning

Rather than use user.is_authenticated, rely on certain permissions being
set for the user. This allows us to open up the developer side and not
assume everyone is a package maintainer.

Allow all logged-in users to still view todo lists, but don't show the
complete/incomplete links (only the text) unless they are allowed to
mess with todo lists.

Signed-off-by: Dan McGee <dan@archlinux.org>
---
 templates/todolists/view.html | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'templates/todolists/view.html')

diff --git a/templates/todolists/view.html b/templates/todolists/view.html
index ec8c997..36ecb9b 100644
--- a/templates/todolists/view.html
+++ b/templates/todolists/view.html
@@ -38,6 +38,7 @@
                 <td>{{ pkg.pkg.repo.name|capfirst }}</td>
                 <td>{{ pkg.pkg.maintainers|join:', ' }}</td>
                 <td>
+                    {% if perms.main.change_todolistpkg %}
                     {% if pkg.complete %}
                     <a href="/todo/flag/{{ list.id }}/{{ pkg.id }}/"
                         class="status-link complete" title="Toggle completion status">Complete</a>
@@ -45,6 +46,9 @@
                     <a href="/todo/flag/{{ list.id }}/{{ pkg.id }}/"
                         class="status-link incomplete" title="Toggle completion status">Incomplete</a>
                     {% endif %}
+                    {% else %}
+                    {% if pkg.complete %}<span class="complete">Complete</span>{% else %}<span class="incomplete">Incomplete</span>{% endif %}
+                    {% endif %}
                 </td>
             </tr>
             {% endfor %}
-- 
cgit v1.2.3-24-g4f1b