Add one method to check permissions to translate

The check got quite complex over the time and not all places were consistent in enforcing the policy. Signed-off-by: Michal Čihař <michal@cihar.com>
nijel · Apr 16, 2015 · 1d86bf8 · 1d86bf8
1 parent 5f185d7
commit 1d86bf8
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 39 deletions.
diff --git a/weblate/trans/permissions.py b/weblate/trans/permissions.py
@@ -0,0 +1,38 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright © 2012 - 2015 Michal Čihař <michal@cihar.com>
+#
+# This file is part of Weblate <http://weblate.org/>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Permissions abstract layer for Weblate.
+"""
+
+
+def can_translate(user, translation):
+    """
+    Checks whether user can translate given translation.
+    """
+    if translation.subproject.locked:
+        return False
+    if not user.has_perm('trans.save_translation'):
+        return False
+    if translation.is_template() and not user.has_perm('trans.save_template'):
+        return False
+    if (translation.only_vote_suggestions() and not
+            user.has_perm('trans.override_suggestion')):
+        return False
+    return True
diff --git a/weblate/trans/views/edit.py b/weblate/trans/views/edit.py
@@ -41,6 +41,7 @@
 from weblate.trans.views.helper import get_translation
 from weblate.trans.checks import CHECKS
 from weblate.trans.util import join_plural
+from weblate.trans.permissions import can_translate
 
 
 def cleanup_session(session):
@@ -290,25 +291,11 @@ def handle_translate(translation, request, user_locked,
 
     if 'suggest' in request.POST:
         go_next = perform_suggestion(unit, form, request)
-    elif (translation.is_template() and not
-          request.user.has_perm('trans.save_template')):
-        # Need privilege to save
-        messages.error(
-            request,
-            _('You don\'t have privileges to save templates!')
-        )
-    elif not request.user.has_perm('trans.save_translation'):
-        # Need privilege to save
+    elif not can_translate(request.user, unit.translation):
         messages.error(
             request,
             _('You don\'t have privileges to save translations!')
         )
-    elif (unit.translation.only_vote_suggestions() and not
-          request.user.has_perm('trans.override_suggestion')):
-        messages.error(
-            request,
-            _('Only suggestions are allowed in this translation!')
-        )
     elif not user_locked:
         # Custom commit message
         message = request.POST.get('commit_message')
@@ -332,17 +319,7 @@ def handle_merge(translation, request, next_unit_url):
     '''
     Handles unit merging.
     '''
-    if (translation.is_template() and not
-            request.user.has_perm('trans.save_template')):
-        # Need privilege to save
-        messages.error(
-            request,
-            _('You don\'t have privileges to save templates!')
-        )
-        return
-
-    if not request.user.has_perm('trans.save_translation'):
-        # Need privilege to save
+    if not can_translate(request.user, translation):
         messages.error(
             request,
             _('You don\'t have privileges to save translations!')
@@ -382,17 +359,7 @@ def handle_merge(translation, request, next_unit_url):
 
 
 def handle_revert(translation, request, next_unit_url):
-    if (translation.is_template() and not
-            request.user.has_perm('trans.save_template')):
-        # Need privilege to save
-        messages.error(
-            request,
-            _('You don\'t have privileges to save templates!')
-        )
-        return
-
-    if not request.user.has_perm('trans.save_translation'):
-        # Need privilege to save
+    if not can_translate(request.user, translation):
         messages.error(
             request,
             _('You don\'t have privileges to save translations!')
@@ -842,14 +809,18 @@ def load_zen(request, project, subproject, lang):
     )
 
 
-@permission_required('trans.save_translation')
 def save_zen(request, project, subproject, lang):
     '''
     Save handler for zen mode.
     '''
     translation = get_translation(request, project, subproject, lang)
     form = TranslationForm(translation, None, request.POST)
-    if not form.is_valid():
+    if not can_translate(request.user, translation):
+        messages.error(
+            request,
+            _('You don\'t have privileges to save translations!')
+        )
+    elif not form.is_valid():
         messages.error(request, _('Failed to save translation!'))
     else:
         unit = form.cleaned_data['unit']