changeset 236:81620fd76cac

fix minor UI bug: DeletePage/RenamePage was shown active in menu although user missed delete rights. We also stop checking for user.valid as this should be driven by ACLs only. imported from: moin--main--1.5--patch-239
author Thomas Waldmann <tw@waldmann-edv.de>
date Thu, 24 Nov 2005 19:08:11 +0000
parents c1e403174a6d
children ccfa707e7064
files MoinMoin/request.py docs/CHANGES
diffstat 2 files changed, 11 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/request.py	Thu Nov 24 18:24:02 2005 +0000
+++ b/MoinMoin/request.py	Thu Nov 24 19:08:11 2005 +0000
@@ -596,13 +596,11 @@
             # Filter actions by page type, acl and user state
             excluded = []
             if ((page.isUnderlayPage() and not page.isStandardPage()) or
-                not self.user.may.write(page.page_name)):
+                not self.user.may.write(page.page_name) or
+                not self.user.may.delete(page.page_name)):
                 # Prevent modification of underlay only pages, or pages
-                # the user can't write to
+                # the user can't write and can't delete
                 excluded = [u'RenamePage', u'DeletePage',] # AttachFile must NOT be here!
-            elif not self.user.valid:
-                # Prevent rename and delete for non registered users
-                excluded = [u'RenamePage', u'DeletePage']
             for key in excluded:
                 if key in actions:
                     del actions[key]                
--- a/docs/CHANGES	Thu Nov 24 18:24:02 2005 +0000
+++ b/docs/CHANGES	Thu Nov 24 19:08:11 2005 +0000
@@ -1,6 +1,14 @@
 MoinMoin Version History
 ========================
 
+Version 1.5.0current:
+  Fixes:
+    * Fixed a minor user interface bug: it showed RenamePage and DeletePage
+      actions in the menu if you only had write rights and then complained
+      when you really tried when you had no delete rights additionally.
+    * We don't remove RenamePage and DeletePage from menu any more if user is
+      unknown. This stuff is only driven by ACLs now.
+
 Version 1.5.0beta4:
   Fixes:
     * use <span class="anchor"> instead of <a> for line-xxx anchors, this