Issue 317 : Restrict organization creation : use Django permissions

pytition · Oct 27, 2024 · d91e1e3 · d91e1e3
1 parent c9f7395
commit d91e1e3
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 3 deletions.
diff --git a/pytition/petition/templates/layouts/nav-useractions.html b/pytition/petition/templates/layouts/nav-useractions.html
@@ -26,10 +26,12 @@
             <span class="oi oi-plus"></span>
             {% trans "New Petition" %}
           </a>
+        {% if not settings.RESTRICT_ORG_CREATION or perms.petition.add_organization %}
           <a class="dropdown-item" href="{% url "org_create" %}">
             <span class="oi oi-plus"></span>
             {% trans "New Organization" %}
           </a>
+        {% endif %}
           <div class="dropdown-divider"></div>
           <a class="dropdown-item" href="{% url "account_settings" %}">
             <span class="oi oi-cog"></span>

diff --git a/pytition/petition/templates/petition/account_settings.html b/pytition/petition/templates/petition/account_settings.html
@@ -71,9 +71,11 @@ <h5 class="mt-2 mb-2"><a href="{% url 'org_dashboard' org.slugname %}">{{org.nam
                 {% else %}
                 <i>{% trans "You are not part of any organization" %}</i>
                 {% endif %}
+                {% if not settings.RESTRICT_ORG_CREATION or perms.petition.add_organization %}
                 <div class="text-center mt-5">
                     <a href="{% url 'org_create' %}" class="btn btn-primary">{% trans "Create an Organization" %}</a>
                 </div>
+                {% endif %}
             </div>
             <div class="tab-pane fade" id="delete_account_form" role="tabpanel"
                  aria-labelledby="delete-account-form-list">

diff --git a/pytition/petition/templates/petition/user_org_list.html b/pytition/petition/templates/petition/user_org_list.html
@@ -2,7 +2,10 @@
 <div class="dashboard-nav-item py-3">
   <div class="d-flex justify-content-between align-items-center flex-wrap">
     <h4><span class="oi oi-people"></span>&nbsp;{% trans "Organizations" %}&nbsp;({{ user.organization_set.all.count }})</h4>
-    <a href="{% url "org_create" %}" class="btn btn-outline-primary btn-sm" data-toggle="tooltip" title="{% trans "Create a new organization" %}">{% trans "New organization" %}</a>
+      {% if not settings.RESTRICT_ORG_CREATION or perms.petition.add_organization %}
+          <a href="{% url "org_create" %}" class="btn btn-outline-primary btn-sm" data-toggle="tooltip"
+             title="{% trans "Create a new organization" %}">{% trans "New organization" %}</a>
+      {% endif %}
   </div>
   <ul class="dashboard-org-list">
   {% for org in user.organization_set.all %}

diff --git a/pytition/petition/views.py b/pytition/petition/views.py
@@ -1545,7 +1545,7 @@ def account_settings(request):
 # Create a new organization
 @login_required
 def org_create(request):
-    if settings.RESTRICT_ORG_CREATION and not request.user.is_superuser:
+    if settings.RESTRICT_ORG_CREATION and not request.user.has_perm('petition.add_organization'):
         messages.error(request, _("Only super users can create an organization."))
         return redirect("user_dashboard")
     user = get_session_user(request)

diff --git a/pytition/pytition/settings/base.py b/pytition/pytition/settings/base.py
@@ -265,7 +265,6 @@
 DISABLE_USER_PETITION = False
 
 #:| If set to True, regular users won't be able to create new organizations.
-#:| Only superusers will be allowed to
 RESTRICT_ORG_CREATION = False
 
 #:| Default address for 'Reply to' field in mail sent on account creation