From 4bbfe677e4d3b5b32f6a90e0918f95999fbefedf Mon Sep 17 00:00:00 2001 From: Timo Stollenwerk Date: Wed, 6 Oct 2010 13:55:57 +0000 Subject: [PATCH] Replace the can_manage method with a can_review method that checks the 'Review comments' permission. This fixes http://dev.plone.org/plone/ticket/11145. svn path=/plone.app.discussion/trunk/; revision=40534 --- plone/app/discussion/browser/comments.pt | 12 ++++++------ plone/app/discussion/browser/comments.py | 10 +++++++--- .../discussion/tests/test_comments_viewlet.py | 16 ++++++++++------ 3 files changed, 23 insertions(+), 15 deletions(-) diff --git a/plone/app/discussion/browser/comments.pt b/plone/app/discussion/browser/comments.pt index 84dc12e..5495099 100644 --- a/plone/app/discussion/browser/comments.pt +++ b/plone/app/discussion/browser/comments.pt @@ -4,9 +4,9 @@ @@ -38,7 +38,7 @@ tal:attributes="class python:'comment replyTreeLevel'+str(depth)+' state-'+str(review_state); style string:margin-left: ${depth}em; id string:${reply/getId}" - tal:condition="python:canManage or review_state == 'published'"> + tal:condition="python:canReview or review_state == 'published'">
diff --git a/plone/app/discussion/browser/comments.py b/plone/app/discussion/browser/comments.py index b0fe8db..ad4cc36 100644 --- a/plone/app/discussion/browser/comments.py +++ b/plone/app/discussion/browser/comments.py @@ -241,13 +241,17 @@ class CommentsViewlet(ViewletBase): mimetype=mimetype).getData() def can_reply(self): + """Returns true if current user has the 'Reply to item' permission. + """ return getSecurityManager().checkPermission('Reply to item', aq_inner(self.context)) - def can_manage(self): - return getSecurityManager().checkPermission('Manage portal', + def can_review(self): + """Returns true if current user has the 'Review comments' permission. + """ + return getSecurityManager().checkPermission('Review comments', aq_inner(self.context)) - + def is_discussion_allowed(self): context = aq_inner(self.context) conversation = IConversation(context) diff --git a/plone/app/discussion/tests/test_comments_viewlet.py b/plone/app/discussion/tests/test_comments_viewlet.py index 2fa1af6..75d46af 100644 --- a/plone/app/discussion/tests/test_comments_viewlet.py +++ b/plone/app/discussion/tests/test_comments_viewlet.py @@ -206,13 +206,17 @@ class TestCommentsViewlet(PloneTestCase): # Anonymous users can not reply self.failIf(self.viewlet.can_reply()) - def test_can_manage(self): - # Portal owner has manage rights - self.failUnless(self.viewlet.can_manage()) + def test_can_review(self): + # Portal owner has 'can review' permission + self.failUnless(self.viewlet.can_review()) self.logout() - # Anonymous has no manage rights - self.failIf(self.viewlet.can_manage()) - + # Anonymous has no 'can review' permission + self.failIf(self.viewlet.can_review()) + # The reviewer role has the 'Review comments' permission + self.portal.acl_users._doAddUser('reviewer', 'secret', ['Reviewer'], []) + self.login('reviewer') + self.failUnless(self.viewlet.can_review()) + def test_is_discussion_allowed(self): # By default, discussion is disabled self.failIf(self.viewlet.is_discussion_allowed())