From ded477a8cf2fe7b3323fd7c1d6671d47091bcc75 Mon Sep 17 00:00:00 2001 From: Kha Date: Mon, 30 Jan 2023 17:31:08 +0100 Subject: [PATCH 1/2] [7008]apps/budgeting/vote-button: only show vote button if has session token and in right phase (list item and detail) --- meinberlin/apps/budgeting/api.py | 9 +++++--- .../assets/BudgetingProposalList.jsx | 2 +- .../assets/BudgetingProposalListItem.jsx | 2 +- .../__tests__/BudgetingProposalList.jest.jsx | 2 +- .../meinberlin_budgeting/proposal_detail.html | 2 +- meinberlin/apps/budgeting/views.py | 23 ++++++++++++++++++- 6 files changed, 32 insertions(+), 8 deletions(-) diff --git a/meinberlin/apps/budgeting/api.py b/meinberlin/apps/budgeting/api.py index 45daf7f022..5e69cbfd57 100644 --- a/meinberlin/apps/budgeting/api.py +++ b/meinberlin/apps/budgeting/api.py @@ -246,9 +246,12 @@ def list(self, request, *args, **kwargs): permissions["view_vote_count"] = user.has_perm( "meinberlin_budgeting.view_vote_count", self.module ) - permissions["view_votes_left"] = self._has_valid_token_in_session( - response - ) and user.has_perm("meinberlin_budgeting.add_vote", self.module) + permissions[ + "has_voting_permission_and_valid_token" + ] = self._has_valid_token_in_session(response) and user.has_perm( + "meinberlin_budgeting.add_vote", self.module + ) + response.data["permissions"] = permissions return response diff --git a/meinberlin/apps/budgeting/assets/BudgetingProposalList.jsx b/meinberlin/apps/budgeting/assets/BudgetingProposalList.jsx index 0fa3babe2b..606cdf3f58 100644 --- a/meinberlin/apps/budgeting/assets/BudgetingProposalList.jsx +++ b/meinberlin/apps/budgeting/assets/BudgetingProposalList.jsx @@ -96,7 +96,7 @@ export const BudgetingProposalList = (props) => { return ( <> - {(meta?.permissions.view_votes_left && meta?.token_info) && + {(meta?.permissions.has_voting_permission_and_valid_token) &&
diff --git a/meinberlin/apps/budgeting/assets/BudgetingProposalListItem.jsx b/meinberlin/apps/budgeting/assets/BudgetingProposalListItem.jsx index 088230f805..9e87ee60a7 100644 --- a/meinberlin/apps/budgeting/assets/BudgetingProposalListItem.jsx +++ b/meinberlin/apps/budgeting/assets/BudgetingProposalListItem.jsx @@ -43,7 +43,7 @@ export const BudgetingProposalListItem = (props) => { {proposal.creator} {date + ' - ' + proposal.reference_number}
- {proposal.vote_allowed && ( + {permissions.has_voting_permission_and_valid_token && proposal.vote_allowed && ( { diff --git a/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html b/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html index 84c8879b27..dd7d1c18d4 100644 --- a/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html +++ b/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html @@ -29,7 +29,7 @@ {% endif %} {% has_perm 'meinberlin_budgeting.vote_proposal' request.user proposal as vote_allowed %} - {% if vote_allowed %} + {% if vote_allowed and has_valid_token_in_session %}
{% react_proposals_vote view.module proposal %}
diff --git a/meinberlin/apps/budgeting/views.py b/meinberlin/apps/budgeting/views.py index 508da79e9f..9f75a91610 100644 --- a/meinberlin/apps/budgeting/views.py +++ b/meinberlin/apps/budgeting/views.py @@ -80,7 +80,8 @@ def has_valid_token_in_session(self, request): if module_key in request.session["voting_tokens"]: return ( VotingToken.get_voting_token_by_hash( - token_hash=request.session["voting_tokens"][module_key], module=self.module + token_hash=request.session["voting_tokens"][module_key], + module=self.module, ) is not None ) @@ -153,11 +154,31 @@ def get_back(self): return None, None return None, None + def has_valid_token_in_session(self, request): + """Return whether a valid token is stored in the session. + + The token is valid if it is valid for the respective module. + """ + if "voting_tokens" in request.session: + module_key = str(self.module.id) + if module_key in request.session["voting_tokens"]: + return ( + VotingToken.get_voting_token_by_hash( + token_hash=request.session["voting_tokens"][module_key], + module=self.module, + ) + is not None + ) + return False + def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) back_link, back_string = self.get_back() context["back"] = back_link context["back_string"] = back_string + context["has_valid_token_in_session"] = self.has_valid_token_in_session( + self.request + ) return context From ce3a366a6797ddc330bcdef7881c20d2e665ee38 Mon Sep 17 00:00:00 2001 From: rine Date: Thu, 2 Feb 2023 19:13:57 +0100 Subject: [PATCH 2/2] budgeting/views//templates: annotate token_vote_count and show on proposal detail --- .../templates/meinberlin_budgeting/proposal_detail.html | 2 +- meinberlin/apps/budgeting/views.py | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html b/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html index dd7d1c18d4..3ebad7df92 100644 --- a/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html +++ b/meinberlin/apps/budgeting/templates/meinberlin_budgeting/proposal_detail.html @@ -25,7 +25,7 @@ {% has_perm 'meinberlin_budgeting.view_vote_count' request.user module as may_view_vote_count %} {% if may_view_vote_count %} -

{% blocktranslate with amount=object.vote_count %}This idea received a total of 1{{ amount }} votes{% endblocktranslate %}

+

{% blocktranslate with amount=object.token_vote_count %}This idea received a total of {{ amount }} votes{% endblocktranslate %}

{% endif %} {% has_perm 'meinberlin_budgeting.vote_proposal' request.user proposal as vote_allowed %} diff --git a/meinberlin/apps/budgeting/views.py b/meinberlin/apps/budgeting/views.py index 9f75a91610..cff70d5c38 100644 --- a/meinberlin/apps/budgeting/views.py +++ b/meinberlin/apps/budgeting/views.py @@ -126,7 +126,9 @@ def post(self, request, *args, **kwargs): class ProposalDetailView(idea_views.AbstractIdeaDetailView): model = models.Proposal queryset = ( - models.Proposal.objects.annotate_positive_rating_count().annotate_negative_rating_count() + models.Proposal.objects.annotate_positive_rating_count() + .annotate_negative_rating_count() + .annotate_token_vote_count() ) permission_required = "meinberlin_budgeting.view_proposal"