#5, allow staff members to delete project sites

tjcsl · Jul 15, 2017 · 9e028a4 · 9e028a4
1 parent d413e53
commit 9e028a4
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/web3/apps/sites/views/sites.py b/web3/apps/sites/views/sites.py
@@ -76,9 +76,12 @@ def edit_view(request, site_id):
     return render(request, "sites/create_site.html", context)
 
 
-@superuser_required
 def delete_view(request, site_id):
     site = get_object_or_404(Site, id=site_id)
+
+    if not request.user.is_superuser and not (site.purpose == "project" and site.group.users.filter(id=request.user.id).exists()):
+        raise PermissionDenied
+
     if request.method == "POST":
         if not request.POST.get("confirm", None) == site.name:
             messages.error(request, "Delete confirmation failed!")

diff --git a/web3/templates/sites/info_site.html b/web3/templates/sites/info_site.html
@@ -65,7 +65,7 @@ <h3>{{ site.name }}</h3>
 
         <a href="{% url 'index' %}" class="btn btn-ion"><i class="fa fa-undo"></i> Back</a>
         <a href="{% url 'edit_site' site.id %}" class="btn btn-ion"><i class="fa fa-pencil"></i> Configure Site</a>
-        {% if request.user.is_superuser %}
+        {% if request.user.is_superuser or site.purpose == "project" %}
         <a href="{% url 'delete_site' site.id %}" class="btn btn-ion btn-danger"><i class="fa fa-trash-o"></i> Delete Site</a>
         {% endif %}
         <br /><br />