Fixed #25656 -- Removed link from recent actions when user has no perms.#21169
Fixed #25656 -- Removed link from recent actions when user has no perms.#21169artirix1927 wants to merge 1 commit intodjango:mainfrom
Conversation
|
Thank you for your contribution to Django! This pull request has one or more items that need attention before it can be accepted for review. 🛑 Error: Missing PR DescriptionYour PR description must be substantive and meaningful. The placeholder text "Provide a concise overview of the issue or rationale behind the proposed changes." is not acceptable. What to do: Write a description that contains at least 5 words and addresses:
A meaningful description helps reviewers understand the intent of your change quickly and increases the likelihood that your PR will be reviewed promptly. If you have questions about these requirements, please review the contributing guidelines or ask for help on the Django Forum. |
artirix1927
force-pushed
the
ticket_25656
branch
from
128bfda to
e8130f2
Compare
|
Thank you for your contribution to Django! This pull request has one or more items that need attention before it can be accepted for review. 🛑 Error: Missing PR DescriptionYour PR description must be substantive and meaningful. The placeholder text "Provide a concise overview of the issue or rationale behind the proposed changes." is not acceptable. What to do: Write a description that contains at least 5 words and addresses:
A meaningful description helps reviewers understand the intent of your change quickly and increases the likelihood that your PR will be reviewed promptly. If you have questions about these requirements, please review the contributing guidelines or ask for help on the Django Forum. |
artirix1927
force-pushed
the
ticket_25656
branch
from
e8130f2 to
23fc33c
Compare
artirix1927
force-pushed
the
ticket_25656
branch
2 times, most recently
from
e329f04 to
c5a43c4
Compare
Added jinja simple tag that checks each recent activity entry object if user has permissions to edit it (also takes in account per object permissions from model admin). In html file substitute the link with span (that looks exactly like the link) in cases where user doesn't have neccessary permissions. Added tooltip for span that tells the user about lack of permissions. (Can be deleted if it needs consensus or looks like a bad idea for mergers but I thought its better to keep the same style for links and spans so the recent activites always look the same and to make them differ and more clear using tooltip on hover.) Added regression test that when user lacks permissions makes sure the links are changed with <span>. Added regression test that makes sure per object permission are respected.
artirix1927
force-pushed
the
ticket_25656
branch
from
c5a43c4 to
2bc8e4e
Compare
eevelweezel
left a comment
eevelweezel
left a comment
There was a problem hiding this comment.
When I run my test project with your branch, I don't see the tooltip when I hover over an entry in "My actions" for which I lack view permissions.
Firefox ESR, dark mode, Debian 13
The entry is not clickable though, or it is? |
I was using the example from the ticket, so I'm using a staff user with just add permissions on the object (no change or view). The entry was clickable, but it resulted in a 403. |
Well that's exactly the behavior before my fixes. Are you sure that the my branch is installed as django for the venv in your test project? |
I was certain it was, but who knows. I deleted and recreated my venv, and now I see this. It's not a tooltip, but it's certainly working as expected (I'm guessing the difference is related to using Debian's packaged browser). I've run the tests against main, and they fail as expected. LGTM! |
2 participants
Trac ticket number
ticket-25656
Branch description
Added jinja filter that checks per obj (recent activity entry) if user has permissions to edit the object.
In html file substitute the link with span
(that looks exactly like the link) in cases
where user doesn't have neccessary permissions.
Added tooltip for span that tells the user about
lack of permissions.
(Can be deleted if it needs consensus or looks like a bad idea for mergers but I thought its better to keep the same style for links and spans so the recent activites always look the same and to make them differ and more clear using tooltip on hover.)
Added regression test that makes sure that when user lacks permissions the link is changed with .
AI Assistance Disclosure (REQUIRED)
ChatGpt 5.3 for tooltip css
Checklist
mainbranch.