pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only the KO can view

Browse Source
This commit is contained in:
Montana
2019-01-31 13:45:00 -05:00
parent 4ed445dd99
commit 516ed9b90e
3 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
atst/routes/portfolios/task_orders.py
View File

@@ -73,14 +73,20 @@ def view_task_order(portfolio_id, task_order_id):
@portfolios_bp.route("/portfolios/<portfolio_id>/task_order/<task_order_id>/review")
def ko_review(portfolio_id, task_order_id):
task_order = TaskOrders.get(g.current_user, task_order_id)
# get permission: make sure g.current_user is task_order.contracting_officer
portfolio = Portfolios.get(g.current_user, portfolio_id)
return render_template(
"/portfolios/task_orders/review.html",
portfolio=portfolio,
task_order=task_order,
form=KOReviewForm(obj=task_order),
)
if task_order.contracting_officer == g.current_user:
return render_template(
"/portfolios/task_orders/review.html",
portfolio=portfolio,
task_order=task_order,
form=KOReviewForm(obj=task_order),
)
else:
return render_template(
"portfolios/task_orders/show.html",
portfolio=portfolio,
task_order=task_order,
)
@portfolios_bp.route(