diff --git a/contracts/forms.py b/contracts/forms.py
index c4c9133299415671599c4a480efd93a00d9277eb..98a03e60fbeb0c057c0a60e40bbac903c6304754 100644
--- a/contracts/forms.py
+++ b/contracts/forms.py
@@ -54,10 +54,28 @@ class ContractAdminForm(forms.ModelForm):
)
continue
- if self.instance.status in (
- Contract.StatusTypes.WORK_IN_PROGRESS,
- Contract.StatusTypes.TO_BE_APPROVED,
+ if (
+ choice_key == Contract.StatusTypes.TO_BE_APPROVED
+ and self.instance.status != Contract.StatusTypes.APPROVED
+ and (
+ self.current_user == self.instance.created_by
+ or self.current_user.has_perm("contract.edit_others")
+ )
):
+ allowed_choices.append((choice_key, choice_label))
+
+ if self.instance.status == Contract.StatusTypes.APPROVED:
+ if self.current_user.has_perm("contract.approve"):
+ if choice_key == Contract.StatusTypes.WORK_IN_PROGRESS:
+ allowed_choices.append(
+ (
+ choice_key,
+ choice_label,
+ )
+ )
+ continue
+
+ if self.instance.status == Contract.StatusTypes.TO_BE_APPROVED:
if self.current_user.has_perm("contract.approve"):
if choice_key in (
Contract.StatusTypes.APPROVED,
@@ -99,7 +117,8 @@ class ContractAdminForm(forms.ModelForm):
)
if (
- clean_data.get("status", self.instance.status)
+ not self.current_user.is_superuser
+ and clean_data.get("status", self.instance.status)
in (self.instance.StatusTypes.APPROVED, self.instance.StatusTypes.REJECTED)
and self.instance.status != clean_data.get("status", self.instance.status)
and self.current_user == self.instance.created_by