From 8b77efbfabfb3d65b0400e123025c02346454214 Mon Sep 17 00:00:00 2001
From: Dan McGee <dan@archlinux.org>
Date: Thu, 3 Mar 2011 14:59:04 -0600
Subject: Template fine-grained permissioning

Rather than use user.is_authenticated, rely on certain permissions being
set for the user. This allows us to open up the developer side and not
assume everyone is a package maintainer.

Allow all logged-in users to still view todo lists, but don't show the
complete/incomplete links (only the text) unless they are allowed to
mess with todo lists.

Signed-off-by: Dan McGee <dan@archlinux.org>
---
 templates/packages/details.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'templates/packages/details.html')

diff --git a/templates/packages/details.html b/templates/packages/details.html
index ea5e528c..f73e9d7c 100644
--- a/templates/packages/details.html
+++ b/templates/packages/details.html
@@ -26,7 +26,7 @@ <h4>Package Actions</h4>
                         title="Testing package details for {{ tp.pkgname }}">{{ tp.pkgver }}-{{ tp.pkgrel }}</a>
                     in testing</span></li>
                 {% endif %}{% endwith %}
-                {% if user.is_authenticated %}
+                {% if perms.main.change_package %}
                 <li><a href="unflag/" title="Unflag this package">Click here to unflag</a></li>
                 <li><a href="unflag/all/" title="Unflag all matching pkgbase">Click here to unflag all split packages</a></li>
                 {% endif %}
@@ -40,7 +40,7 @@ <h4>Package Actions</h4>
                 <li><a href="download/" title="Download {{ pkg.pkgname }} from mirror">Download From Mirror</a></li>
             </ul>
 
-            {% if user.is_authenticated %}
+            {% if perms.main.change_package %}
             <form id="pkg-action" method="post" action="/packages/update/">{% csrf_token %}
                 <div><input type="hidden" name="pkgid" value="{{ pkg.id }}" /></div>
                 <p>{% if user in pkg.maintainers %}
-- 
cgit v1.2.3-54-g00ecf