bic/GetTogether
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Only allow creating a new team for an organization if the user can edit the organization

Browse source
This commit is contained in:
Michael Hall 2018-07-29 23:03:02 -04:00
parent f15dc66dc9
commit 5f46eba6d4
2 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
get_together/templates/get_together/orgs/show_org.html
View file

@ -91,11 +91,13 @@
</div>
</div>
{% endfor %}
{% if can_edit_org %}
<div class="row mb-3">
<div class="col">
<center><a class="btn btn-success btn-sm" href="{% url 'create-team' %}?organization={{org.id}}">Add Team</a></center>
</div>
</div>
{% endif %}
</div>
</div>
</div>

8
get_together/views/new_team.py
View file

@ -22,7 +22,9 @@ def start_new_team(request):
new_team.owner_profile = request.user.profile
if request.method == 'GET':
if 'organization' in request.GET and request.GET['organization'] != '':
new_team.organization = Organization.objects.get(id=request.GET['organization'])
org = Organization.objects.get(id=request.GET['organization'])
if request.user.profile.can_edit_org(org):
new_team.organization = org
form = NewTeamForm(instance=new_team)
g = location.get_geoip(request)
if g.latlng is not None and g.latlng[0] is not None and g.latlng[1] is not None:
@ -37,7 +39,9 @@ def start_new_team(request):
return render(request, 'get_together/new_team/start_new_team.html', context)
elif request.method == 'POST':
if 'organization' in request.POST and request.POST['organization'] != '':
new_team.organization = Organization.objects.get(id=request.POST['organization'])
org = Organization.objects.get(id=request.POST['organization'])
if request.user.profile.can_edit_org(org):
new_team.organization = org
form = NewTeamForm(request.POST, request.FILES, instance=new_team)
if form.is_valid():
new_team = form.save()