nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 14:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Stop apps from changing status that shouldnt be allowed

Browse Source
This commit is contained in:
Andrew Williams
2011-05-27 11:51:32 +01:00
parent 1dca69bb63
commit 6be048030b
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/hr/views.py
View File

@@ -187,11 +187,12 @@ def update_application(request, applicationid, status):
app = get_object_or_404(Application, id=applicationid) app = get_object_or_404(Application, id=applicationid)
perm = check_permissions(request.user, app) if not app.status in [APPLICATION_STATUS_REJECTED, APPLICATION_STATUS_COMPLETED]:
if perm == HR_ADMIN or (perm == HR_VIEWONLY and int(status) <= 1): perm = check_permissions(request.user, app)
if not app.status == status: if perm == HR_ADMIN or (perm == HR_VIEWONLY and int(status) <= 1):
app.status = status if not app.status == status:
app.save(user=request.user) app.status = status
app.save(user=request.user)
return HttpResponseRedirect(reverse('hr.views.view_application', args=[applicationid])) return HttpResponseRedirect(reverse('hr.views.view_application', args=[applicationid]))
@login_required @login_required